Exploitation Summary
EIP tracks 1 public exploit for CVE-2023-53961. PoCs published by LiquidWorm.
AI-analyzed exploit summary This PoC demonstrates a Cross-Site Request Forgery (CSRF) vulnerability in SOUND4 IMPACT/FIRST/PULSE/Eco v2.x, allowing an attacker to perform administrative actions (e.g., logo removal) via a malicious HTTP request if a logged-in user visits a crafted webpage.
Description
SOUND4 IMPACT/FIRST/PULSE/Eco v2.x contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without user consent. Attackers can craft malicious web pages that submit HTTP requests to the radio processing interface, triggering unintended administrative operations when a logged-in user visits the page.
Exploits (1)
This PoC demonstrates a Cross-Site Request Forgery (CSRF) vulnerability in SOUND4 IMPACT/FIRST/PULSE/Eco v2.x, allowing an attacker to perform administrative actions (e.g., logo removal) via a malicious HTTP request if a logged-in user visits a crafted webpage.
References (4)
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N