CVE-2019-25244

Name of the Vulnerable Software and Affected Versions Legrand BTicino Driver Manager F454 version 1.0.51

Description The software contains web vulnerabilities that permit attackers to carry out administrative tasks without sufficient request validation. An attacker can leverage cross-site request forgery to modify passwords and inject stored cross-site scripting payloads via unvalidated GET parameters.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.