CVE-2014-9431

Smoothwall Express <3.1,3.0 SP3 - CSRF

Title source: llm
STIX 2.1

Description

Multiple cross-site request forgery (CSRF) vulnerabilities in Smoothwall Express 3.1 and 3.0 SP3 allow remote attackers to hijack the authentication of administrators for requests that change the (1) admin or (2) dial password via a request to httpd/cgi-bin/changepw.cgi.

References (2)

Core 2

Scores

EPSS 0.0090
EPSS Percentile 55.5%

Details

CWE
CWE-352
Status published
Products (2)
smoothwall/smoothwall 3.0 sp3
smoothwall/smoothwall 3.1
Published Dec 31, 2014
Tracked Since Feb 18, 2026