ProMinent MultiFLEX M10a Controller Web Interface Cross-Site Request Forgery Vulnerability
CVE-2017-14011 · MEDIUM Severity
AV:N/AC:M/AU:N/C:P/I:P/A:P
A Cross-Site Request Forgery issue was discovered in ProMinent MultiFLEX M10a Controller web interface. The application does not sufficiently verify requests, making it susceptible to cross-site request forgery. This may allow an attacker to execute unauthorized code, resulting in changes to the configuration of the device.
Learn more about our Web App Pen Testing.