Security Advisory

CVE-2023-35120

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-07-06 23:09:42

Last updated 2024-11-13 21:21:34

Assigner icscert

State PUBLISHED

Description

PiiGAB M-Bus is vulnerable to cross-site request forgery. An attacker who wants to execute a certain command could send a phishing mail to the owner of the device and hope that the owner clicks on the link. If the owner of the device has a cookie stored that allows the owner to be logged in, then the device could execute the GET or POST link request.

← Browse all CVEs View on cve.org ↗