CVE-2019-25254 - KYOCERA Net Admin 3.4.0906 Cross-Site Request Forgery via User Administration
CVE ID : CVE-2019-25254
Published : Dec. 24, 2025, 8:15 p.m. | 7 hours, 38 minutes ago
Description : KYOCERA Net Admin 3.4.0906 contains a cross-site request forgery vulnerability that allows attackers to create administrative users without proper request validation. Attackers can craft malicious web pages that automatically submit forms to add new admin accounts with predefined credentials when a logged-in user visits the page.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Published : Dec. 24, 2025, 8:15 p.m. | 7 hours, 38 minutes ago
Description : KYOCERA Net Admin 3.4.0906 contains a cross-site request forgery vulnerability that allows attackers to create administrative users without proper request validation. Attackers can craft malicious web pages that automatically submit forms to add new admin accounts with predefined credentials when a logged-in user visits the page.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...