Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Hidglobal Subscribe
Filtered by product Omnikey 5127 Firmware
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-36283 1 Hidglobal 4 Omnikey 5127, Omnikey 5127 Firmware, Omnikey 5427 and 1 more 2021-03-26 6.8 MEDIUM 8.8 HIGH
HID OMNIKEY 5427 and OMNIKEY 5127 readers are vulnerable to CSRF when using the EEM driver (Ethernet Emulation Mode). By persuading an authenticated user to visit a malicious Web site, a remote attacker could send a malformed HTTP request to upload a configuration file to the device. An attacker could exploit this vulnerability to perform cross-site scripting attacks, Web cache poisoning, and other malicious activities.