CVE-2022-50804 MEDIUM

CVE-2022-50804: JM-DATA ONU JF511-TV 1.0.67 Cross-Site Request Forgery (CSRF) Vulnerability

Vendor Jm-Data Onu
Product JF511-TV
Weakness CWE-352 · CSRF
Published December 30, 2025
Last update January 16, 2026
View on NVD All CVEs

CVSS base score

5.1/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

What the vulnerability does

01Description

JM-DATA ONU JF511-TV version 1.0.67 is vulnerable to cross-site request forgery (CSRF) attacks, allowing attackers to perform administrative actions on behalf of authenticated users without their knowledge or consent.

Key dates

02Disclosure timeline

December 30, 2025 CVE published
January 16, 2026 Record updated

Related vulnerabilities

04Related CVE

CVE-2026-40925 WWBN AVideo has CSRF in configurationUpdate.json.php Enables Full Site Configuration Takeover Including Encoder URL and SMTP Credentials CVE-2022-4633 Auto Upload Images Settings setting-page.php cross-site request forgery CVE-2025-0610 CSRF in Akinsoft's QR Menu CVE-2024-32082 WordPress Sync Post With Other Site plugin <= 1.9.1 - Cross Site Request Forgery (CSRF) to XSS vulnerability CVE-2021-25025 Event Calendar < 1.1.51 - Subscriber+ Event Creation