CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2015-3950

Cross-site request forgery (CSRF) vulnerability in XZERES 442SR OS on 442SR wind turbines allows remote attackers to hijack the authentication of admins for requests that select a different default admin user via a GET request.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 31.1%

CVSS Severity

CVSS v2 Score 6.8

References

http://www.securityfocus.com/bid/75032
https://ics-cert.us-cert.gov/advisories/ICSA-15-155-01
http://www.securityfocus.com/bid/75032
https://ics-cert.us-cert.gov/advisories/ICSA-15-155-01

Products affected by CVE-2015-3950

Xzeres » 442sr » Version: N/A

cpe:2.3:h:xzeres:442sr:-
Xzeres » 442sr Os » Version: N/A

cpe:2.3:o:xzeres:442sr_os:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-3950

Products

Pricing

Contact Us