CVE-2026-24345HIGH 8.8EPSS p3.7%

CVE-2026-24345CVE-2026-24345

Description

Cross-Site Request Forgery in Admin UI of EZCast Pro II version 1.17478.146 allows attackers to bypass authorization checks and gain full access to the admin UI

Scoring

CVSS 3.18.8 (HIGH)
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS0.14% probability of exploitation · percentile 3.7% · 2026-06-19T12:03:05Z
Published2026-01-27
Last modified2026-02-05

Underlying weaknesses· 2

CWE-20CWE-352

References

  1. https://hub.ntc.swiss/ntcf-2025-32832

2

TypeTargetConfidenceTier
WeaknessImproper Input Validationcwe-200%live
WeaknessCross-Site Request Forgery (CSRF)cwe-3520%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-24346
CVE
CVE-2026-11241
CVE
CVE-2025-65472
CVE
CVE-2026-11259
CVE
CVE-2026-8604
CVE
CVE-2026-11069
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.