Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
HID OMNIKEY 5427 and OMNIKEY 5127 readers are vulnerable to CSRF when using the EEM driver (Ethernet Emulation Mode). By persuading an authenticated user to visit a malicious Web site, a remote attacker could send a malformed HTTP request to upload a configuration file to the device. An attacker could exploit this vulnerability to perform cross-site scripting attacks, Web cache poisoning, and other malicious activities.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Vulnerability Type
N/A
Vulnerability Title
HID Global OMNIKEY 跨站请求伪造漏洞
Vulnerability Description
HID Global OMNIKEY是美国HID Global公司的一个硬件设备。用于读取卡。 HID OMNIKEY 5427 and OMNIKEY 5127 readers 存在安全漏洞,远程攻击者可利用该漏洞通过说服认证用户访问恶意网站,向设备发送恶意HTTP请求,上传配置文件。
CVSS Information
N/A
Vulnerability Type
N/A