CVE-2024-43684 | HackTesting

Cross-Site Request Forgery (CSRF) vulnerability in Microchip TimeProvider 4100 allows Cross Site Request Forgery, Cross-Site Scripting (XSS).This issue affects TimeProvider 4100: from 1.0.

Credits

Armando Huesca Prida

Marco Negro

Antonio Carriero

Vito Pistillo

Davide Renna

Manuel Leone

Massimiliano Brolli

TIM Security Red Team Research

References

https://www.gruppotim.it/it/footer/red-team.html

https://www.microchip.com/en-us/solutions/technologies/embedded-security/how-to-report-potential-product-security-vulnerabilities/timeprovider-4100-grandmaster-cross-site-request-forgery