Incomplete Fix for Cross-Site Request Forgery (CSRF) Vulnerability in Advantech/BroadWin WebAccess 7.0

Incomplete Fix for Cross-Site Request Forgery (CSRF) Vulnerability in Advantech/BroadWin WebAccess 7.0

CVE-2012-1235 · MEDIUM Severity

AV:N/AC:M/AU:S/C:P/I:P/A:P

Cross-site request forgery (CSRF) vulnerability in Advantech/BroadWin WebAccess 7.0 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0235.

Learn more about our Web App Pen Testing.