CVE-2018-25155

Name of the Vulnerable Software and Affected Versions Teradek Slice version 7.3.15

Description A cross-site request forgery (CSRF) issue exists, which is a flaw where a malicious website can trick a logged-in user into performing actions they did not intend to. This allows attackers to change administrative passwords due to a lack of proper request validation by crafting a malicious web page that automatically submits password change requests to the device.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.