A CWE-352: Cross-Site Request Forgery (CSRF) vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow an malicious user to execute malicious commands on behalf of a legitimate user when xsrf-token data is intercepted.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
schneider-electric easergy_t300_firmware |