CVE-2023-5961
Last modified
CVE-2023-5961 is a high-severity vulnerability rated 8.8/10 on the CVSS scale. A Cross-Site Request Forgery (CSRF) vulnerability has been identified in ioLogik E1200 Series firmware versions v3.3 and prior. An attacker can exploit this vulnerability to trick a client into making an unintentional request to the web server, which will be treated as an authentic request. EPSS estimates a 0.37% chance of exploitation in the next 30 days.
Description
A Cross-Site Request Forgery (CSRF) vulnerability has been identified in ioLogik E1200 Series firmware versions v3.3 and prior. An attacker can exploit this vulnerability to trick a client into making an unintentional request to the web server, which will be treated as an authentic request. This vulnerability may lead an attacker to perform operations on behalf of the victimized user.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Moxa | Iologik E1210 Firmware | < 3.3 |
| Moxa | Iologik E1211 Firmware | < 3.3 |
| Moxa | Iologik E1212 Firmware | < 3.3 |
| Moxa | Iologik E1213 Firmware | < 3.3 |
| Moxa | Iologik E1214 Firmware | < 3.3 |
| Moxa | Iologik E1240 Firmware | < 3.3 |
| Moxa | Iologik E1241 Firmware | < 3.3 |
| Moxa | Iologik E1242 Firmware | < 3.3 |
| Moxa | Iologik E1260 Firmware | < 3.3 |
| Moxa | Iologik E1262 Firmware | < 3.3 |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2023-5961?
How severe is CVE-2023-5961?
How do I fix CVE-2023-5961?
Are you affected by CVE-2023-5961?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST