Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
OpenPLC_V3 Cross-Site Request Forgery
Vulnerability Description
OpenPLC_V3 is vulnerable to a cross-site request forgery (CSRF) attack due to the absence of proper CSRF validation. This issue allows an unauthenticated attacker to trick a logged-in administrator into visiting a maliciously crafted link, potentially enabling unauthorized modification of PLC settings or the upload of malicious programs which could lead to significant disruption or damage to connected systems.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:H
Vulnerability Type
跨站请求伪造(CSRF)
Vulnerability Title
OpenPLC Runtime version 3 跨站请求伪造漏洞
Vulnerability Description
OpenPLC Runtime version 3是Thiago Alves个人开发者的一个可编程逻辑控制器。 OpenPLC Runtime version 3 存在跨站请求伪造漏洞,该漏洞源于缺少CSRF验证,可能导致跨站请求伪造攻击。
CVSS Information
N/A
Vulnerability Type
N/A