VYPR

Socifi Guest wifi

by SOCIFI

CVEs (2)

  • CVE-2021-27700HigNov 12, 2024
    risk 0.49cvss 7.6epss 0.00

    SOCIFI Socifi Guest wifi as SAAS wifi portal is affected by Insecure Permissions. Any authorized customer with partner mode can switch to another customer dashboard and perform actions like modify user, delete user, etc.

  • CVE-2021-27701MedNov 12, 2024
    risk 0.31cvss 4.7epss 0.00

    SOCIFI Socifi Guest wifi as SAAS is affected by Cross Site Request Forgery (CSRF) via the Socifi wifi portal. The application does not contain a CSRF token and request validation. An attacker can Add/Modify any random user data by sending a crafted CSRF request.