CVE-2017-2682 - AskarLabs CVE Database

CVE-2017-2682

Vendor N/A

Product RUGGEDCOM NMS All versions < V2.1 (Windows and Linux)

Weakness CWE-352 · CSRF

Published February 27, 2017

Last update August 5, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

The Siemens web application RUGGEDCOM NMS < V1.2 on port 8080/TCP and 8081/TCP could allow a remote attacker to perform a Cross-Site Request Forgery (CSRF) attack, potentially allowing an attacker to execute administrative operations, provided the targeted user has an active session and is induced to trigger a malicious request.

Key dates

02Disclosure timeline

February 27, 2017 CVE published

August 5, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2017-2682 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/352.html

Related vulnerabilities

04Related CVE

CVE-2025-63030 WordPress New User Approve plugin <= 3.2.3 - Cross Site Request Forgery (CSRF) vulnerability CVE-2025-48306 WordPress Savyour Affiliate Partner plugin <= 2.1.4 - CSRF to Stored XSS vulnerability CVE-2023-51531 WordPress Thrive Automator Plugin <= 1.17 is vulnerable to Cross Site Request Forgery (CSRF) CVE-2022-0197 Cross-Site Request Forgery (CSRF) in phoronix-test-suite/phoronix-test-suite CVE-2025-5928 WP Sliding Login/Dashboard Panel <= 2.1.1 - Cross-Site Request Forgery to Settings Update