Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cross-Site Request Forgery (CSRF) in Riello UPS Netman-204
Vulnerability Description
There is a CSRF vulnerability on Netman-204 version 02.05. An attacker could manage to change administrator passwords through a Cross Site Request Forgery due to the lack of proper validation on the CRSF token. This vulnerability could allow a remote attacker to access the administrator panel, being able to modify different parameters that are critical for industrial operations.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Vulnerability Type
跨站请求伪造(CSRF)
Vulnerability Title
RIELLO UPS NetMan 204 跨站请求伪造漏洞
Vulnerability Description
Riello Ups RIELLO UPS NetMan是意大利Riello Ups公司的一款网络适配器。 RIELLO UPS NetMan 204 02.05版本存在安全漏洞,该漏洞源于缺乏对CRSF令牌的正确验证,存在CSRF漏洞,攻击者可以通过跨站请求伪造来设法更改管理员密码。
CVSS Information
N/A
Vulnerability Type
N/A