Rockwell Automation 1783-NATR Cross-Site Request Forgery Vulnerability_CVE-2025-7330

7 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N

Description

A cross-site request forgery security issue exists in the product and version listed. The vulnerability stems from missing CSRF checks on the impacted form. This allows for unintended configuration modification if an attacker can convince a logged in admin to visit a crafted link.

Basic Information

ID CVE-2025-7330

Source Rockwell

Published Oct 14, 2025 at 12:43

Modified Oct 14, 2025 at 13:11

Affected Product

Vendor Rockwell Automation

Product Comms - 1783-NATR

Version Version 1.006 and prior

Affected Versions Rockwell Automation Comms - 1783-NATR Version 1.006 and prior

CWE Classification

CWE-352

References

www.rockwellautomation.com /en-us/trust-center/security-advisories/advisory.SD1756.html

{
    "lastseen": "",
    "description": "A cross-site request forgery security issue exists in the product and version listed. The vulnerability stems from missing CSRF checks on the impacted form. This allows for unintended configuration modification if an attacker can convince a logged in admin to visit a crafted link.",
    "published": "2025-10-14T12:43:40.198Z",
    "modified": "2025-10-14T13:11:44.272Z",
    "type": "cve",
    "title": "Rockwell Automation 1783-NATR Cross-Site Request Forgery Vulnerability",
    "source": "Rockwell",
    "references": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1756.html",
    "id": "CVE-2025-7330",
    "bulletinFamily": "",
    "cwe": [
        "CWE-352"
    ],
    "cvelist": null,
    "sourceData": "Rockwell Automation Comms - 1783-NATR Version 1.006 and prior",
    "sourceHref": "",
    "cvss": {
        "score": 7,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Comms - 1783-NATR",
    "version": "Version 1.006 and prior",
    "vendor": "Rockwell Automation",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}