CVE-2022-50804

HIGH

JM-DATA ONU JF511-TV <1.0.67 - CSRF

Title source: llm
STIX 2.1

Description

JM-DATA ONU JF511-TV version 1.0.67 is vulnerable to cross-site request forgery (CSRF) attacks, allowing attackers to perform administrative actions on behalf of authenticated users without their knowledge or consent.

References (6)

Core 6
Core References
Third Party Advisory third-party-advisory
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5708.php
Third Party Advisory exploit
https://packetstormsecurity.com/files/167487/
Exploit, Third Party Advisory third-party-advisory
https://cxsecurity.com/issue/WLB-2022060058
Product product
https://www.jm-data.com/

Scores

CVSS v3 8.8
EPSS 0.0022
EPSS Percentile 12.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact partial

Details

CWE
CWE-352
Status published
Products (3)
jm-data/onu_jf511-tv_firmware 1.0.55
jm-data/onu_jf511-tv_firmware 1.0.62
jm-data/onu_jf511-tv_firmware 1.0.67
Published Dec 30, 2025
Tracked Since Feb 18, 2026