漏洞标题
"PiiGAB M-Bus 跨站点请求伪造"
漏洞描述信息
PiiGAB M-Bus跨站请求伪造
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
漏洞类别
跨站请求伪造(CSRF)
漏洞标题
PiiGAB M-Bus Cross-Site Request Forgery
漏洞描述信息
PiiGAB M-Bus is vulnerable to cross-site request forgery. An attacker who wants to execute a certain command could send a phishing mail to the owner of the device and hope that the owner clicks on the link. If the owner of the device has a cookie stored that allows the owner to be logged in, then the device could execute the GET or POST link request.
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
漏洞类别
跨站请求伪造(CSRF)
漏洞标题
PiiGAB M-Bus 跨站请求伪造漏洞
漏洞描述信息
PiiGAB M-Bus是PiiGAB公司的一种在电表和中央数据采集系统或预付费单元之间使用的通信协议。 PiiGAB M-Bus 900S版本存在跨站请求伪造漏洞,该漏洞源于容易受到跨站点请求伪造的攻击,攻击者利用该漏洞可以执行GET或POST链接请求。
CVSS信息
N/A
漏洞类别
跨站请求伪造