CVE-2015-3950 Information

Description

Cross-site request forgery (CSRF) vulnerability in XZERES 442SR OS on 442SR wind turbines allows remote attackers to hijack the authentication of admins for requests that select a different default admin user via a GET request.

Reference

http://www.securityfocus.com/bid/75032 https://ics-cert.us-cert.gov/advisories/ICSA-15-155-01