Vulnerability Details CVE-2021-29660
A Cross-Site Request Forgery (CSRF) vulnerability in en/cfg_setpwd.html in Softing AG OPC Toolbox through 4.10.1.13035 allows attackers to reset the administrative password by inducing the Administrator user to browse a URL controlled by an attacker.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 35.8%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.8
Products affected by CVE-2021-29660
-
cpe:2.3:a:softing:opc_toolbox:-
-
cpe:2.3:a:softing:opc_toolbox:4.10.1.13035