Unprotected CSRF Vulnerability in EdgePower 24V/54V Firmware v1.7.0 and Earlier Allows Remote Code Execution

Unprotected CSRF Vulnerability in EdgePower 24V/54V Firmware v1.7.0 and Earlier Allows Remote Code Execution

CVE-2020-8282 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

A security issue was found in EdgePower 24V/54V firmware v1.7.0 and earlier where, due to missing CSRF protections, an attacker would have been able to perform unauthorized remote code execution.

Learn more about our Web Application Penetration Testing UK.