PT-2025-44300 · Unknown · Blu-Castle Bcum221E
Published: 2025-10-29 · Updated: 2025-10-29 · CVE-2024-45161
CVSS v3.1: 4.6 (Medium)
Vector: AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions
Blu-Castle BCUM221E version 1.0.0P220507
Description
A Cross-Site Request Forgery (CSRF) issue exists in the administrative web GUI. It can be exploited through various methods, including a crafted URL, an image load, or an XMLHttpRequest. Successful exploitation may lead to data exposure or unintended code execution.
Recommendations
Apply a fix or update to address the CSRF issue in the administrative web GUI. As a temporary workaround, consider implementing CSRF protection mechanisms, such as synchronizer tokens, to mitigate the risk of exploitation.
Fix
CSRF
Affected Products
Blu-Castle Bcum221E