High severity8.8NVD Advisory· Published Aug 25, 2017· Updated May 13, 2026
CVE-2017-12703
CVE-2017-12703
Description
A Cross-Site Request Forgery (CSRF) issue was discovered in Westermo MRD-305-DIN versions older than 1.7.5.0, and MRD-315, MRD-355, MRD-455 versions older than 1.7.5.0. The application does not verify whether a request was intentionally provided by the user, making it possible for an attacker to trick a user into making a malicious request to the server.
Affected products
5- cpe:2.3:o:westermo:mrd-305-din_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:westermo:mrd-315-din_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:westermo:mrd-355-din_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:westermo:mrd-455-din_firmware:-:*:*:*:*:*:*:*
- Range: Westermo MRD-305-DIN, MRD-315, MRD-355, and MRD-455
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- www.securityfocus.com/bid/100470nvdThird Party AdvisoryVDB Entry
- ics-cert.us-cert.gov/advisories/ICSA-17-236-01nvdThird Party AdvisoryUS Government Resource
News mentions
0No linked articles in our index yet.