CVE-2017-2682

The Siemens web application RUGGEDCOM NMS < V1.2 on port 8080/TCP and 8081/TCP could allow a remote attacker to perform a Cross-Site Request Forgery (CSRF) attack, potentially allowing an attacker to execute administrative operations, provided the targeted user has an active session and is induced to trigger a malicious request. Date published : 2017-02-27 http://www.securityfocus.com/bid/96458

http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-363881.pdf