PT-2023-26020 · Unknown · Wtc-C1167Gc-W+1
Kentaro Ishii
·
Published
2023-07-13
·
Updated
2023-07-25
·
CVE-2023-37562
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
WTC-C1167GC-B versions 1.17 and earlier
WTC-C1167GC-W versions 1.17 and earlier
Description
A cross-site request forgery (CSRF) issue exists, allowing unintended operations to be performed if a user views a malicious page while logged in.
Recommendations
For WTC-C1167GC-B versions 1.17 and earlier, consider implementing CSRF tokens or other anti-CSRF measures to prevent exploitation.
For WTC-C1167GC-W versions 1.17 and earlier, consider implementing CSRF tokens or other anti-CSRF measures to prevent exploitation.
As a temporary workaround, consider restricting user access to sensitive operations while logged in to minimize the risk of exploitation.
Fix
CSRF
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Wtc-C1167Gc-B
Wtc-C1167Gc-W