CSRF Vulnerability in ECESSA ShieldLink SL175EHQ 10.7.4 Devices Allows Unauthorized Superuser Account Addition

CSRF Vulnerability in ECESSA ShieldLink SL175EHQ 10.7.4 Devices Allows Unauthorized Superuser Account Addition

CVE-2018-13032 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

ECESSA ShieldLink SL175EHQ 10.7.4 devices have CSRF to add superuser accounts via the cgi-bin/pl_web.cgi/util_configlogin_act URI.

Learn more about our Web App Pen Testing.