CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-22286

Cross-site request forgery (CSRF) vulnerability in MAHO-PBX NetDevancer Lite/Uni/Pro/Cloud prior to Ver.1.11.00, MAHO-PBX NetDevancer VSG Lite/Uni prior to Ver.1.11.00, and MAHO-PBX NetDevancer MobileGate Home/Office prior to Ver.1.11.00 allows a remote unauthenticated attacker to hijack the user authentication and conduct user's unintended operations by having a user to view a malicious page while logged in.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 48.3%

CVSS Severity

CVSS v3 Score 8.1

References

Products affected by CVE-2023-22286

Ate-Mahoroba » Maho-Pbx Netdevancer » Version: N/A

cpe:2.3:h:ate-mahoroba:maho-pbx_netdevancer:-
Ate-Mahoroba » Maho-Pbx Netdevancer Mobilegate » Version: N/A

cpe:2.3:h:ate-mahoroba:maho-pbx_netdevancer_mobilegate:-
Ate-Mahoroba » Maho-Pbx Netdevancer Vsg » Version: N/A

cpe:2.3:h:ate-mahoroba:maho-pbx_netdevancer_vsg:-
Ate-Mahoroba » Maho-Pbx Netdevancer Firmware » Version: N/A

cpe:2.3:o:ate-mahoroba:maho-pbx_netdevancer_firmware:-
Ate-Mahoroba » Maho-Pbx Netdevancer Mobilegate Firmware » Version: N/A

cpe:2.3:o:ate-mahoroba:maho-pbx_netdevancer_mobilegate_firmware:-
Ate-Mahoroba » Maho-Pbx Netdevancer Vsg Firmware » Version: N/A

cpe:2.3:o:ate-mahoroba:maho-pbx_netdevancer_vsg_firmware:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-22286

Products

Pricing

Contact Us