MidnightBSD

Advisories for esoft

CVE-2007-3786 HIGH

Cross-site request forgery (CSRF) vulnerability on the eSoft InstaGate EX2 UTM device before firmware 3.1.20070615 allows remote attackers to perform privileged actions as administrators. NOTE: the vendor disputes the distribution of the vulnerable software, stating that it was a custom build for a former customer

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
esoft instagate_ex2_utm firmware_3.1.20070605
esoft instagate_ex2_utm firmware_3.1.20031001
esoft instagate_ex2_utm firmware_3.1.20060921