24 Sep 2016
CVE-2016-4845 Vulnerability
Cross-site request forgery (CSRF) vulnerability on I-O DATA DEVICE HVL-A2.0, HVL-A3.0, HVL-A4.0, HVL-AT1.0S, HVL-AT2.0, HVL-AT3.0, HVL-AT4.0, HVL-AT2.0A, HVL-AT3.0A, and HVL-AT4.0A devices with firmware before 2.04 allows remote attackers to hijack the authentication of arbitrary users for requests that delete content. (CVSS:6.8) (Last Update:2016-09-28)
Vulnerability Details : Cross-site request forgery (CSRF) vulnerability on I-O DATA DEVICE HVL-A2.0, HVL-A3.0, HVL-A4.0, HVL-AT1.0S, HVL-AT2.0, HVL-AT3.0, HVL-AT4.0, HVL-AT2.0A, HVL-AT3.0A, and HVL-AT4.0A devices with firmware before 2.04 allows remote attackers to hijack the authentication of arbitrary users for requests that delete content. Publish Date : 2016-09-24 Last Update Date : 2016-09-28 - CVSS Scores & Vulnerability Types
- Products Affected By CVE-2016-4845
- Number Of Affected Versions By Product
- References For CVE-2016-4845
- Vulnerability Conditions
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
- Metasploit Modules Related To CVE-2016-4845There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information) |