Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2020-01-28	CVE-2013-4865	Cross-Site Request Forgery (CSRF) vulnerability in Micasaverde Veralite Firmware 1.5.408 Cross-site request forgery (CSRF) vulnerability in upgrade_step2.sh in MiCasaVerde VeraLite with firmware 1.5.408 allows remote attackers to hijack the authentication of users for requests that install arbitrary firmware via the squashfs parameter. network low complexity micasaverde CWE-352	6.5
2020-01-28	CVE-2013-4861	Path Traversal vulnerability in Micasaverde Veralite Firmware 1.5.408 Directory traversal vulnerability in cgi-bin/cmh/get_file.sh in MiCasaVerde VeraLite with firmware 1.5.408 allows remote authenticated users to read arbirary files via a .. network low complexity micasaverde CWE-22	6.5