Dragino Lora LG01 18ed40 IoT v4.3.4 was discovered to contain a Cross-Site Request Forgery in the logout page.

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction Required

No CVSS v3.0

No CVSS v2

Vendors Products
Dragino
  • Lg01 Lora
  • Lg01 Lora Firmware

Configuration 1 [-]

AND
cpe:2.3:o:dragino:lg01_lora_firmware:4.3.4:*:*:*:*:*:*:*
cpe:2.3:h:dragino:lg01_lora:-:*:*:*:*:*:*:*
References
Link Resource
https://sectrio.com/vulnerability-research/cve-2022-45228/ Exploit Third Party Advisory
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2022-12-12T00:00:00

Updated: 2022-12-12T00:00:00

Reserved: 2022-11-14T00:00:00

Link: CVE-2022-45228

JSON object: View

cve-icon NVD Information

Status : Analyzed

Published: 2022-12-12T03:15:09.537

Modified: 2022-12-13T14:08:14.520

Link: CVE-2022-45228

JSON object: View

cve-icon Redhat Information

No data.

CWE