CVE-2022-50804
Severity CVSS v4.0:
MEDIUM
Type:
CWE-352
Cross-Site Request Forgery (CSRF)
Publication date:
30/12/2025
Last modified:
16/01/2026
Description
JM-DATA ONU JF511-TV version 1.0.67 is vulnerable to cross-site request forgery (CSRF) attacks, allowing attackers to perform administrative actions on behalf of authenticated users without their knowledge or consent.
Impact
Base Score 4.0
5.10
Severity 4.0
MEDIUM
Base Score 3.x
8.80
Severity 3.x
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:jm-data:onu_jf511-tv_firmware:1.0.55:*:*:*:*:*:*:* | ||
| cpe:2.3:o:jm-data:onu_jf511-tv_firmware:1.0.62:*:*:*:*:*:*:* | ||
| cpe:2.3:o:jm-data:onu_jf511-tv_firmware:1.0.67:*:*:*:*:*:*:* | ||
| cpe:2.3:h:jm-data:onu_jf511-tv:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://cxsecurity.com/issue/WLB-2022060058
- https://exchange.xforce.ibmcloud.com/vulnerabilities/229355
- https://packetstormsecurity.com/files/167487/
- https://www.jm-data.com/
- https://www.vulncheck.com/advisories/jm-data-onu-jf-tv-cross-site-request-forgery-csrf-vulnerability
- https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5708.php
- https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5708.php