CVE-2025-7330 | THREATINT

Description

A cross-site request forgery security issue exists in the product and version listed. The vulnerability stems from missing CSRF checks on the impacted form. This allows for unintended configuration modification if an attacker can convince a logged in admin to visit a crafted link.

PUBLISHED Reserved 2025-07-07 | Published 2025-10-14 | Updated 2025-10-14 | Assigner Rockwell

HIGH: 7.0CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N

Problem types

CWE-352: Cross-Site Request Forgery (CSRF)

Product status

Default status

unaffected

Version 1.006 and prior

affected

References

www.rockwellautomation.com/...dvisories/advisory.SD1756.html

cve.org (CVE-2025-7330)

nvd.nist.gov (CVE-2025-7330)

Download JSON