CVE-2026-22323

| EUVD-2026-12794 HIGH
2026-03-18 CERTVDE
7.1
CVSS 3.1
Share

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:L
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
None
Integrity
High
Availability
Low

Lifecycle Timeline

3
EUVD ID Assigned
Mar 18, 2026 - 08:00 euvd
EUVD-2026-12794
Analysis Generated
Mar 18, 2026 - 08:00 vuln.today
CVE Published
Mar 18, 2026 - 07:35 nvd
HIGH 7.1

Tags

CSRF Fl Switch 2406 2sfx Fl Switch 2108 Fl Switch 2206 2fx Sm St Fl Switch 2708 Pn Fl Switch 2312 2gc 2sfp Fl Switch 2208 Pn Fl Switch 2608 Pn Fl Switch 2316 Pn Fl Switch 2105 Fl Switch 2206c 2fx Fl Switch 2504 2gc 2sfp Fl Switch 2414 2sfx Fl Switch 2308 Pn Fl Switch 2008f Fl Switch 2406 2sfx Pn Fl Switch 2508 Fl Switch 2708 Fl Switch 2408 Fl Switch 2206 2fx St Fl Switch 2514 2sfp Fl Switch 2016 Fl Nat 2008 Fl Switch 2304 2gc 2sfp Fl Switch Tsn 2314 2sfp Fl Switch 2404 2tc 2sfx Fl Switch 5924 4gc Fl Switch 2514 2sfp Pn Fl Nat 2208 Fl Switch 2412 2tc 2sfx Fl Switch Tsn 2312 2gc 2sfp Fl Switch 2205 Fl Switch 2303 8sp1 Fl Switch 2506 2sfp Fl Switch 2206 2fx Fl Switch 2214 2fx Sm Fl Switch 2316 Fl Switch 2414 2sfx Pn Fl Switch 2416 Fl Switch 2506 2sfp Pn Fl Switch 2314 2sfp Fl Switch 2204 2tc 2sfx Fl Switch Tsn 2316 Fl Switch 2408 Pn Fl Switch 2306 2sfp Fl Switch 2206 2fx Sm Fl Switch 2216 Fl Switch 2208 Fl Switch 2308 Fl Nat 2304 2gc 2sfp Fl Switch 2005 Fl Switch 2516 Fl Switch 2214 2sfx Fl Switch 2416 Pn Fl Switch 2512 2gc 2sfp Fl Switch 2208c Fl Switch 2608 Fl Switch 2314 2sfp Pn Fl Switch 2214 2fx Fl Switch 2008 Fl Switch 2212 2tc 2sfx Fl Switch 2216 Pn Fl Switch 2516 Pn Fl Switch 2116 Fl Switch 2207 Fx Fl Switch 2306 2sfp Pn Fl Switch 5924sfp 4gc Fl Switch 2214 2sfx Pn Fl Switch 2207 Fx Sm Fl Switch 2206 2sfx Fl Switch 2508 Pn Fl Switch 2206 2sfx Pn

Description

A CSRF vulnerability in the Link Aggregation configuration interface allows an unauthenticated remote attacker to trick authenticated users into sending unauthorized POST requests to the device by luring them to a malicious webpage. This can silently alter the device’s configuration without the victim’s knowledge or consent. Availability impact was set to low because after a successful attack the device will automatically recover without external intervention.

Analysis

A CSRF vulnerability in A CSRF vulnerability in the Link Aggregation configuration interface (CVSS 7.1) that allows an unauthenticated remote attacker. High severity vulnerability requiring prompt remediation.

Sign in for full analysis, threat intelligence, and remediation guidance.

Remediation

Within 24 hours: Inventory all affected Link Aggregation devices and restrict administrative access to trusted networks only. Within 7 days: Implement network segmentation to limit device access, disable Link Aggregation configuration interface if not actively used, and deploy email/web filtering to block phishing attempts. …

Sign in for detailed remediation steps.

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Sign in - Free

Priority Score

36
Low Medium High Critical
KEV: 0
EPSS: +0.0
CVSS: +36
POC: 0

Share

CVE-2026-22323 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy