N/A

A Cross-Site Request Forgery (CSRF) issue was discovered in Westermo MRD-305-DIN versions older than 1.7.5.0, and MRD-315, MRD-355, MRD-455 versions older than 1.7.5.0. The application does not verify whether a request was intentionally provided by the user, making it possible for an attacker to trick a user into making a malicious request to the server.

N/A

N/A

多款Westermo设备跨站请求伪造漏洞

Westermo MRD-305-DIN等都是瑞典威斯特摩（Westermo）公司的路由器产品。 多款Westermo设备中存在跨站请求伪造漏洞，该漏洞源于程序没有检测请求是否来自用户。远程攻击者可利用该漏洞执行未授权的操作。以下产品和版本受到影响：Westermo MRD-305-DIN 1.7.5.0之前的版本，MRD-315 1.7.5.0之前的版本，MRD-355 1.7.5.0之前的版本，MRD-455 1.7.5.0之前的版本。

N/A

N/A