PT-2023-30513 · Relyum · Rely-Pcie+1

Published: 2023-12-12 · Updated: 2024-10-08 · CVE-2023-47578

CVSS v3.1: 8.8 High

Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Relyum RELY-PCIe version 22.2.1
Relyum RELY-REC version 23.1.0

Description

The web interface of the affected devices has no CSRF protection, so Cross-Site Request Forgery (CSRF) attacks can be launched against them. This allows an attacker to trick a user into performing unintended actions on the web application.

Recommendations

For Relyum RELY-PCIe version 22.2.1, consider disabling access to the web interface until a patch is available. For Relyum RELY-REC version 23.1.0, restrict access to the web interface to minimize the risk of exploitation. As a temporary workaround, consider implementing additional security measures, such as validating user requests and verifying the origin of requests to prevent CSRF attacks.
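
One way to apply the origin-verification workaround, as an added example that is not part of the original advisory or of the vendor's code: a check that a reverse proxy placed in front of the device web interface could run before forwarding a request. The proxy placement, the hostname `rely-device.example` and the function names are assumptions.

```python
from urllib.parse import urlsplit

# Assumption: the origin operators use to reach the device web interface.
# The hostname is a constructed placeholder, not a value from the advisory.
ALLOWED_ORIGINS = {"https://rely-device.example"}
SAFE_METHODS = {"GET", "HEAD", "OPTIONS"}
DEFAULT_PORTS = {"http": 80, "https": 443}


def origin_of(value):
    """Reduce an Origin or Referer value to scheme://host[:port], else None."""
    try:
        parts = urlsplit(value.strip())
        port = parts.port  # raises ValueError on a malformed port
    except ValueError:
        return None
    if parts.scheme not in DEFAULT_PORTS or not parts.hostname:
        return None  # covers "null", empty and non-HTTP values
    origin = f"{parts.scheme}://{parts.hostname.lower()}"
    if port and port != DEFAULT_PORTS[parts.scheme]:
        origin += f":{port}"
    return origin


def allow_request(method, headers, allowed=frozenset(ALLOWED_ORIGINS)):
    """Return True if the request may be forwarded to the device."""
    # Assumption: the interface changes state only on unsafe methods.
    # If it also acts on GET, remove GET from SAFE_METHODS.
    if method.upper() in SAFE_METHODS:
        return True
    lowered = {k.lower(): v for k, v in headers.items()}
    # Prefer Origin, fall back to Referer, and fail closed if both are absent.
    source = lowered.get("origin") or lowered.get("referer")
    if not source:
        return False
    origin = origin_of(source)
    return origin is not None and origin in allowed
```

The comparison is an exact match on the normalized origin, so a look-alike host that merely starts with the allowed name is rejected.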

Fix

CSRF

Weakness Enumeration

Related Identifiers

CVE-2023-47578

Affected Products

Rely-Pcie
Rely-Rec