Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Broken authentication on Logitech Options due to misvalidation of Oauth state parameter
Vulnerability Description
An issue was discovered in Logitech Options. The OAuth 2.0 state parameter was not properly validated. This leaves applications vulnerable to CSRF attacks during authentication and authorization operations.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H
Vulnerability Type
认证机制不恰当
Vulnerability Title
Logitech Options 跨站请求伪造漏洞
Vulnerability Description
Logitech Options是Logitech的一款功能强大且易于使用的应用程序,可增强您的 Logitech 鼠标、键盘和触摸板。 Logitech Options 存在跨站请求伪造漏洞,该漏洞源于Oauth 2.0 的状态参数未能进行正确的验证。攻击者利用该漏洞在身份验证和授权操作期间可以发起跨站请求伪造攻击,
CVSS Information
N/A
Vulnerability Type
N/A