CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-25254

KYOCERA Net Admin 3.4.0906 contains a cross-site request forgery vulnerability that allows attackers to create administrative users without proper request validation. Attackers can craft malicious web pages that automatically submit forms to add new admin accounts with predefined credentials when a logged-in user visits the page.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 3.8%

CVSS Severity

CVSS v3 Score 5.3

References

https://global.kyocera.com
https://www.exploit-db.com/exploits/44431
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5458.php
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5458.php

Products affected by CVE-2019-25254

Kyocera » Net Admin » Version: 3.4.0906

cpe:2.3:a:kyocera:net_admin:3.4.0906

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-25254

Products

Pricing

Contact Us