Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
KYOCERA Net Admin 3.4.0906 Cross-Site Request Forgery via User Administration
Vulnerability Description
KYOCERA Net Admin 3.4.0906 contains a cross-site request forgery vulnerability that allows attackers to create administrative users without proper request validation. Attackers can craft malicious web pages that automatically submit forms to add new admin accounts with predefined credentials when a logged-in user visits the page.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Vulnerability Type
跨站请求伪造(CSRF)
Vulnerability Title
KYOCERA Net Admin 安全漏洞
Vulnerability Description
KYOCERA Net Admin是美国KYOCERA公司的一个企业级设备管理平台。 KYOCERA Net Admin 3.4.0906版本存在安全漏洞,该漏洞源于缺少适当的请求验证,可能导致跨站请求伪造攻击。
CVSS Information
N/A
Vulnerability Type
N/A