CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-4845

Cross-site request forgery (CSRF) vulnerability on I-O DATA DEVICE HVL-A2.0, HVL-A3.0, HVL-A4.0, HVL-AT1.0S, HVL-AT2.0, HVL-AT3.0, HVL-AT4.0, HVL-AT2.0A, HVL-AT3.0A, and HVL-AT4.0A devices with firmware before 2.04 allows remote attackers to hijack the authentication of arbitrary users for requests that delete content.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.056

EPSS Ranking 89.8%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 6.8

References

Products affected by CVE-2016-4845

Iodata » Hvl-A » Version: N/A

cpe:2.3:h:iodata:hvl-a:-
Iodata » Hvl-At » Version: N/A

cpe:2.3:h:iodata:hvl-at:-
Iodata » Hvl-Ata » Version: N/A

cpe:2.3:h:iodata:hvl-ata:-
Iodata » Hvl-A2.0 Firmware » Version: 2.03

cpe:2.3:o:iodata:hvl-a2.0_firmware:2.03
Iodata » Hvl-A3.0 Firmware » Version: 2.03

cpe:2.3:o:iodata:hvl-a3.0_firmware:2.03
Iodata » Hvl-A4.0 Firmware » Version: 2.03

cpe:2.3:o:iodata:hvl-a4.0_firmware:2.03
Iodata » Hvl-At1.0s Firmware » Version: 2.03

cpe:2.3:o:iodata:hvl-at1.0s_firmware:2.03
Iodata » Hvl-At2.0 Firmware » Version: 2.03

cpe:2.3:o:iodata:hvl-at2.0_firmware:2.03
Iodata » Hvl-At2.0a Firmware » Version: 2.03

cpe:2.3:o:iodata:hvl-at2.0a_firmware:2.03
Iodata » Hvl-At3.0 Firmware » Version: 2.03

cpe:2.3:o:iodata:hvl-at3.0_firmware:2.03
Iodata » Hvl-At3.0a Firmware » Version: 2.03

cpe:2.3:o:iodata:hvl-at3.0a_firmware:2.03
Iodata » Hvl-At4.0 Firmware » Version: 2.03

cpe:2.3:o:iodata:hvl-at4.0_firmware:2.03
Iodata » Hvl-At4.0a Firmware » Version: 2.03

cpe:2.3:o:iodata:hvl-at4.0a_firmware:2.03

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-4845

Products

Pricing

Contact Us