PT-2024-4578 · Unknown · Sinec Traffic Analyzer

Published: 2024-06-11 · Updated: 2024-08-06 · CVE-2024-35207

CVSS v3.1: 7.8 (High)
Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: SINEC Traffic Analyzer versions prior to V1.2
Description: A vulnerability has been identified in the web interface of the affected devices, making them susceptible to Cross-Site Request Forgery (CSRF) attacks. By tricking an authenticated victim user into clicking a malicious link, an attacker could perform arbitrary actions on the device on behalf of the victim user.
Recommendations: For versions prior to V1.2, update to version V1.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the web interface to minimize the risk of exploitation. Avoid clicking on suspicious links from untrusted sources to prevent potential CSRF attacks.

Fix

CSRF

Weakness Enumeration

Related Identifiers

BDU:2024-05084
CVE-2024-35207

Affected Products

Sinec Traffic Analyzer