HIGH · 8.8

CVE-2023-5961

Vulnerability Description

A Cross-Site Request Forgery (CSRF) vulnerability has been identified in ioLogik E1200 Series firmware versions v3.3 and prior. An attacker can exploit this vulnerability to trick a client into making an unintentional request to the web server, which will be treated as an authentic request. This vulnerability may lead an attacker to perform operations on behalf of the victimized user.

CVSS Score

8.8 HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

| Metric | Value |
| --- | --- |
| Attack Vector | NETWORK |
| Attack Complexity | LOW |
| Privileges Required | NONE |
| User Interaction | REQUIRED |
| Scope | UNCHANGED |
| Confidentiality | HIGH |
| Integrity | HIGH |
| Availability | HIGH |

Affected Products

| Vendor | Product | Versions |
| --- | --- | --- |
| Moxa | Iologik E1210 Firmware | < 3.3 |
| Moxa | Iologik E1210 | - |
| Moxa | Iologik E1211 Firmware | < 3.3 |
| Moxa | Iologik E1211 | - |
| Moxa | Iologik E1212 Firmware | < 3.3 |
| Moxa | Iologik E1212 | - |
| Moxa | Iologik E1213 Firmware | < 3.3 |
| Moxa | Iologik E1213 | - |
| Moxa | Iologik E1214 Firmware | < 3.3 |
| Moxa | Iologik E1214 | - |
| Moxa | Iologik E1240 Firmware | < 3.3 |
| Moxa | Iologik E1240 | - |
| Moxa | Iologik E1241 Firmware | < 3.3 |
| Moxa | Iologik E1241 | - |
| Moxa | Iologik E1242 Firmware | < 3.3 |
| Moxa | Iologik E1242 | - |
| Moxa | Iologik E1260 Firmware | < 3.3 |
| Moxa | Iologik E1260 | - |
| Moxa | Iologik E1262 Firmware | < 3.3 |
| Moxa | Iologik E1262 | - |

Related Weaknesses (CWE)

References

FAQ

What is CVE-2023-5961?

CVE-2023-5961 is a vulnerability with a CVSS score of 8.8 (HIGH). A Cross-Site Request Forgery (CSRF) vulnerability has been identified in ioLogik E1200 Series firmware versions v3.3 and prior. An attacker can exploit this vulnerability to trick a client into making...

How severe is CVE-2023-5961?

CVE-2023-5961 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for a detailed severity breakdown.

Is there a patch for CVE-2023-5961?

Check the references section above for vendor advisories and patch information. Affected products include: Moxa Iologik E1210 Firmware, Moxa Iologik E1210, Moxa Iologik E1211 Firmware, Moxa Iologik E1211, Moxa Iologik E1212 Firmware.