Description
A CSRF issue was discovered in the administrative web GUI in Blu-Castle BCUM221E 1.0.0P220507. This can be exploited via a URL, an image load, an XMLHttpRequest, etc. and can result in exposure of data or unintended code execution.
References (2)
Core 2
Core References
Various Sources
https://blu-castle.com/
Scores
CVSS v3
4.6
EPSS
0.0012
EPSS Percentile
2.2%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-352
Status
published
Published
Oct 29, 2025
Tracked Since
Feb 18, 2026