CVE-2013-4865

Publication date

2020-01-28 16:09:26

Family

mitre

State

PUBLISHED

Description

Cross-site request forgery (CSRF) vulnerability in upgrade_step2.sh in MiCasaVerde VeraLite with firmware 1.5.408 allows remote attackers to hijack the authentication of users for requests that install arbitrary firmware via the squashfs parameter.