Rockwell Automation Comms - 1783-NATR Cross-Site Request Forgery Vulnerability

Vulnerability

A cross-site request forgery (CSRF) vulnerability has been identified in the Rockwell Automation Comms - 1783-NATR product, affecting all versions through 1.006. The vulnerability arises from the absence of CSRF protection on a specific form, which allows an attacker to trigger configuration changes that the administrator did not intend. Exploitation requires convincing a logged-in administrator to click on a malicious link.

Impact

Exploitation of this vulnerability could lead to unauthorized changes in configuration, potentially allowing attackers to manipulate NAT rules or disrupt device communication.

Remediation

Users can upgrade to version 1.007 or later to address this vulnerability. For those unable to upgrade, Rockwell Automation recommends following their security best practices.

Added: Oct 14, 2025, 1:21 PM
Updated: Oct 14, 2025, 11:35 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 2.5
exploitability: 6.0
remediation: 7.7
relevance: 0.7
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.