How severe is CVE-2024-35207?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.8 out of 10.

What type of vulnerability is CVE-2024-35207?

This is classified as CWE-352, which is a common weakness in software security.

CVE-2024-35207 - HIGH Severity | CVSS 7.8

Vulnerability Description

A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V1.2). The web interface of the affected devices are vulnerable to Cross-Site Request Forgery(CSRF) attacks. By tricking an authenticated victim user to click a malicious link, an attacker could perform arbitrary actions on the device on behalf of the victim user.

Related Vulnerabilities

CVE-2020-10890

HIGH

CVSS:7.8(High)

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.0.29478. User interaction is required to exploit this vulnerability in that the t...

CWE-3522020

CVE-2020-10892

HIGH

CVSS:7.8(High)

CWE-3522020

CVE-2014-100005

HIGH

CVSS:8.0(High)

Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DIR-600 router (rev. Bx) with firmware before 2.17b02 allow remote attackers to hijack the authentication of administrators for req...

CWE-3522014

CVE-2015-2142

HIGH

CVSS:8.0(High)

Multiple cross-site request forgery (CSRF) vulnerabilities in Issuetracker phpBugTracker before 1.7.0 allow remote authenticated users to (1) hijack the authentication of users for requests that cause...

CWE-3522015

CVE-2015-4630

HIGH

CVSS:8.0(High)

Multiple cross-site request forgery (CSRF) vulnerabilities in Koha 3.14.x before 3.14.16, 3.16.x before 3.16.12, 3.18.x before 3.18.08, and 3.20.x before 3.20.1 allow remote attackers to (1) hijack th...

CWE-3522015

CVE-2015-7284

HIGH

CVSS:8.0(High)

Cross-site request forgery (CSRF) vulnerability on ZyXEL NBG-418N devices with firmware 1.00(AADZ.3)C0 allows remote attackers to hijack the authentication of arbitrary users.

CWE-3522015