CVE-2023-47578

HIGH EPSS 21.9%

Published Dec 13, 20232y ago · Modified Jun 17, 20261w ago

8.8 CVSS 3.1

High

Published Dec 13, 2023 2y ago

Last Modified Jun 17, 2026 1w ago

Description

Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 devices are susceptible to Cross Site Request Forgery (CSRF) attacks due to the absence of CSRF protection in the web interface.

CVSS Details

Base Score

8.8

Exploitability

2.8

Impact

5.9

Vector string

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Attack Vector Network

Attack Complexity Low

Privileges Required None

User Interaction Required

Scope Unchanged

Confidentiality High

Integrity High

Availability High

Threat Intelligence

EPSS Exploit Probability

21.9% percentile

Exploit & Patch Status

No Known Exploit

No Patch Available

Weaknesses 1

CWE-352 Cross-Site Request Forgery (CSRF) Authentication

Affected Products 4

Vendor	Product	Version	Range
relyum	rely-pcie_firmware	22.2.1	any
relyum	rely-pcie	*	any
relyum	rely-rec_firmware	23.1.0	any
relyum	rely-rec	*	any

References 1

relyum.com https://www.relyum.com/web/support/vulnerability-report/

Vendor Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.