Vulnerability Details CVE-2022-50804
JM-DATA ONU JF511-TV version 1.0.67 is vulnerable to cross-site request forgery (CSRF) attacks, allowing attackers to perform administrative actions on behalf of authenticated users without their knowledge or consent.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 12.2%
CVSS Severity
CVSS v3 Score 8.8
References
- https://cxsecurity.com/issue/WLB-2022060058
- https://exchange.xforce.ibmcloud.com/vulnerabilities/229355
- https://packetstormsecurity.com/files/167487/
- https://www.jm-data.com/
- https://www.vulncheck.com/advisories/jm-data-onu-jf-tv-cross-site-request-forgery-csrf-vulnerability
- https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5708.php
- https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5708.php
Products affected by CVE-2022-50804
-
cpe:2.3:h:jm-data:onu_jf511-tv:-
-
cpe:2.3:o:jm-data:onu_jf511-tv_firmware:1.0.55
-
cpe:2.3:o:jm-data:onu_jf511-tv_firmware:1.0.62
-
cpe:2.3:o:jm-data:onu_jf511-tv_firmware:1.0.67