Cross-Site Request Forgery (CSRF) Vulnerability in Westermo MRD-305-DIN and MRD-315, MRD-355, MRD-455

Cross-Site Request Forgery (CSRF) Vulnerability in Westermo MRD-305-DIN and MRD-315, MRD-355, MRD-455

CVE-2017-12703 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

A Cross-Site Request Forgery (CSRF) issue was discovered in Westermo MRD-305-DIN versions older than 1.7.5.0, and MRD-315, MRD-355, MRD-455 versions older than 1.7.5.0. The application does not verify whether a request was intentionally provided by the user, making it possible for an attacker to trick a user into making a malicious request to the server.

Learn more about our Cis Benchmark Audit For Server Software.