First published: Tue Jun 16 2020(Updated: )
A CWE-352: Cross-Site Request Forgery (CSRF) vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow an attacker to execute malicious commands on behalf of a legitimate user when xsrf-token data is intercepted.
Credit: cybersecurity@se.com
Affected Software | Affected Version | How to fix |
---|---|---|
Schneider-electric Easergy T300 Firmware | <=1.5.2 | |
Schneider-electric Easergy T300 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.