Ercom Cryptobox Cross-Site Request Forgery Vulnerability in Administration Console
Vulnerability
A Cross-Site Request Forgery (CSRF) vulnerability has been identified in the Ercom Cryptobox administration console. It allows an attacker to perform actions on behalf of a Cryptobox administrator. Exploitation requires the administrator to visit a malicious website or click a link while logged in to the administration console.
Impact
Exploitation of this vulnerability could lead to unauthorized actions being performed in the Cryptobox administration console, potentially allowing an attacker to manipulate settings or data within the application.
Remediation
Users can upgrade to Cryptobox version 4.39.194 or later, where this vulnerability has been addressed.
