CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-25155

Teradek Slice 7.3.15 contains a cross-site request forgery vulnerability that allows attackers to change administrative passwords without proper request validation. Attackers can craft a malicious web page that automatically submits password change requests to the device when a logged-in user visits the page.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 3.6%

CVSS Severity

CVSS v3 Score 5.3

References

https://www.exploit-db.com/exploits/44676
https://www.teradek.com
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5467.php
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5467.php

Products affected by CVE-2018-25155

Teradek » Slice » Version: 2.1

cpe:2.3:h:teradek:slice:2.1
Teradek » Slice Firmware » Version: 7.3.15

cpe:2.3:o:teradek:slice_firmware:7.3.15

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-25155

Products

Pricing

Contact Us