CVE-2023-5961: ioLogik E1200 Series: Cross-Site Request Forgery (CSRF) Vulnerability

8.8 CVSS

Description

A Cross-Site Request Forgery (CSRF) vulnerability has been identified in ioLogik E1200 Series firmware versions v3.3 and prior. An attacker can exploit this vulnerability to trick a client into making an unintentional request to the web server, which will be treated as an authentic request. This vulnerability may lead an attacker to perform operations on behalf of the victimized user.

Classification

CVE ID: CVE-2023-5961

CVSS Base Severity: HIGH

CVSS Base Score: 8.8

Affected Products

Vendor: Moxa

Product: ioLogik E1200 Series

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.07% (probability of being exploited)

EPSS Percentile: 34.06% (scored less or equal to compared to others)

EPSS Date: 2025-02-03 (when was this score calculated)

References

https://www.moxa.com/en/support/product-support/security-advisory/mpsa-235250-iologik-e1200-series-web-server-vulnerability

Timeline

2024-11-28 00:11:42 UTC
CVE

ioLogik E1200 Series: Cross-Site Request Forgery (CSRF) Vulnerability