Unrated severityNVD Advisory· Published Apr 19, 2014· Updated May 6, 2026

CVE-2014-1990

Description

Cross-site request forgery (CSRF) vulnerability in TopAccess (aka the web-based management utility) on TOSHIBA TEC e-Studio 232, 233, 282, and 283 devices allows remote attackers to hijack the authentication of administrators for requests that change passwords.

Affected products

Toshibatec/E Studio 232
cpe:2.3:h:toshibatec:e-studio-232:-:*:*:*:*:*:*:*
Toshibatec/E Studio 233
cpe:2.3:h:toshibatec:e-studio-233:-:*:*:*:*:*:*:*
Toshibatec/E Studio 282
cpe:2.3:h:toshibatec:e-studio-282:-:*:*:*:*:*:*:*
Toshibatec/E Studio 283
cpe:2.3:h:toshibatec:e-studio-283:-:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

jvn.jp/en/jp/JVN13313061/index.htmlnvd
jvndb.jvn.jp/jvndb/JVNDB-2014-000038nvd
www.toshibatec.co.jp/page.jspnvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000