ProMinent MultiFLEX M10a Controller Web Interface Cross-Site Request Forgery Vulnerability

ProMinent MultiFLEX M10a Controller Web Interface Cross-Site Request Forgery Vulnerability

CVE-2017-14011 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

A Cross-Site Request Forgery issue was discovered in ProMinent MultiFLEX M10a Controller web interface. The application does not sufficiently verify requests, making it susceptible to cross-site request forgery. This may allow an attacker to execute unauthorized code, resulting in changes to the configuration of the device.

Learn more about our Web App Pen Testing.