An attacker could send a malicious link to an authenticated operator, which may allow remote attackers to perform actions with the permissions of the user on the Sunny WebBox Firmware Version 1.6 and prior. This device uses IP addresses to maintain communication after a successful login, which would increase the ease of exploitation.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: icscert
Published: 2019-10-09T15:26:53
Updated: 2024-08-04T23:57:39.443Z
Reserved: 2019-07-11T00:00:00
Link: CVE-2019-13529
Vulnrichment
No data.
NVD
Status : Modified
Published: 2019-10-09T16:15:14.310
Modified: 2024-11-21T04:25:05.087
Link: CVE-2019-13529
Redhat
No data.