Security Advisory

CVE-2016-4845

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2016-09-24 10:00:00

Last updated 2024-08-06 00:39:26

Assigner jpcert

State PUBLISHED

Description

Cross-site request forgery (CSRF) vulnerability on I-O DATA DEVICE HVL-A2.0, HVL-A3.0, HVL-A4.0, HVL-AT1.0S, HVL-AT2.0, HVL-AT3.0, HVL-AT4.0, HVL-AT2.0A, HVL-AT3.0A, and HVL-AT4.0A devices with firmware before 2.04 allows remote attackers to hijack the authentication of arbitrary users for requests that delete content.

← Browse all CVEs View on cve.org ↗