CVE-2017-14011

CVE-2017-14011

Vendor N/A
Product ProMinent MultiFLEX M10a Controller
Weakness CWE-352 · CSRF
Published October 17, 2017
Last update August 5, 2024
View on NVD All CVEs

CVSS base score

What the vulnerability does

01Description

A Cross-Site Request Forgery issue was discovered in ProMinent MultiFLEX M10a Controller web interface. The application does not sufficiently verify requests, making it susceptible to cross-site request forgery. This may allow an attacker to execute unauthorized code, resulting in changes to the configuration of the device.

Key dates

02Disclosure timeline

October 17, 2017 CVE published
August 5, 2024 Record updated

Related vulnerabilities

04Related CVE

CVE-2026-1073 Purchase Button For Affiliate Link <= 1.0.2 - Cross-Site Request Forgery to Settings Update CVE-2024-34007 moodle: logout CSRF in admin/tool/mfa/auth.php CVE-2026-8943 GoStats for WordPress <= 1.4 - Cross-Site Request Forgery via gostats_manage() Function CVE-2024-31431 WordPress Product Input Fields for WooCommerce plugin <= 1.7.0 - Cross Site Request Forgery (CSRF) vulnerability CVE-2024-37493 WordPress Posterity theme <= 3.3 - Cross Site Request Forgery (CSRF) vulnerability