CSRF Vulnerability in XZERES 442SR OS Allows Remote Admin Authentication Hijacking
CVE-2015-3950 · MEDIUM Severity
AV:N/AC:M/AU:N/C:P/I:P/A:P
Cross-site request forgery (CSRF) vulnerability in XZERES 442SR OS on 442SR wind turbines allows remote attackers to hijack the authentication of admins for requests that select a different default admin user via a GET request.
Learn more about our User Device Pen Test.