Vulnerability Description
Cross Site Request Forgery (CSRF) vulnerability in ResIOT ResIOT IOT Platform + LoRaWAN Network Server through 4.1.1000114 allows attackers to add new admin users to the platform or other unspecified impacts.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Resiot | Iot Platform And Lorawan Network Server | <= 4.1.1000114 |
Related Weaknesses (CWE)
References
- https://cheatsheetseries.owasp.org/cheatsheets/Cross-Site_Request_Forgery_PrevenThird Party Advisory
- https://securityblog101.blogspot.com/2022/09/cve-2022-34020.htmlExploitThird Party Advisory
- https://cheatsheetseries.owasp.org/cheatsheets/Cross-Site_Request_Forgery_PrevenThird Party Advisory
- https://securityblog101.blogspot.com/2022/09/cve-2022-34020.htmlExploitThird Party Advisory
FAQ
What is CVE-2022-34020?
CVE-2022-34020 is a vulnerability with a CVSS score of 8.8 (HIGH). Cross Site Request Forgery (CSRF) vulnerability in ResIOT ResIOT IOT Platform + LoRaWAN Network Server through 4.1.1000114 allows attackers to add new admin users to the platform or other unspecified ...
How severe is CVE-2022-34020?
CVE-2022-34020 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-34020?
Check the references section above for vendor advisories and patch information. Affected products include: Resiot Iot Platform And Lorawan Network Server.