Vulnerability Details CVE-2024-8458
Certain switch models from PLANET Technology have a web application that is vulnerable to Cross-Site Request Forgery (CSRF). An unauthenticated remote attacker can trick a user into visiting a malicious website, allowing the attacker to impersonate the user and perform actions on their behalf, such as creating accounts.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 37.1%
CVSS Severity
CVSS v3 Score 8.8
Products affected by CVE-2024-8458
-
cpe:2.3:h:planet:gs-4210-24p2s:3.0
-
cpe:2.3:h:planet:gs-4210-24pl4c:2.0
-
cpe:2.3:o:planet:gs-4210-24p2s_firmware:*
-
cpe:2.3:o:planet:gs-4210-24pl4c_firmware:*