N/A

The Siemens web application RUGGEDCOM NMS < V1.2 on port 8080/TCP and 8081/TCP could allow a remote attacker to perform a Cross-Site Request Forgery (CSRF) attack, potentially allowing an attacker to execute administrative operations, provided the targeted user has an active session and is induced to trigger a malicious request.

N/A

跨站请求伪造(CSRF)

Siemens RUGGEDCOM NMS 跨站请求伪造漏洞

Siemens RUGGEDCOM NMS是德国西门子（Siemens）公司的一套用于监控、配置和维护RUGGEDCOM任务网络的企业级解决方案。 8080/TCP和8081/TCP端口上的Siemens RUGGEDCOM NMS 1.2之前的版本中存在跨站请求伪造漏洞。攻击者可利用该漏洞执行未授权的操作。

N/A

N/A