CSRF Vulnerability in Web-Based Interface Allows Unauthorized Actions on Behalf of Users

CSRF Vulnerability in Web-Based Interface Allows Unauthorized Actions on Behalf of Users

CVE-2021-23849 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

A vulnerability in the web-based interface allows an unauthenticated remote attacker to trigger actions on an affected system on behalf of another user (CSRF - Cross Site Request Forgery). This requires the victim to be tricked into clicking a malicious link or opening a malicious website while being logged in into the camera.

Learn more about our Web App Pen Testing.