CVE-2022-50804

JM-DATA ONU JF511-TV version 1.0.67 is vulnerable to cross-site request forgery (CSRF) attacks, allowing attackers to perform administrative actions on behalf of authenticated users without their knowledge or consent.
CSRF
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.5 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
VulnCheckCNA
6.5 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Common Weakness Enumeration
References
https://cxsecurity.com/issue/WLB-2022060058
https://exchange.xforce.ibmcloud.com/vulnerabilities/229355
https://packetstormsecurity.com/files/167487/
https://www.jm-data.com/
https://www.vulncheck.com/advisories/jm-data-onu-jf-tv-cross-site-request-forgery-csrf-vulnerability
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5708.php