Cross-Site Request Forgery (CSRF) exists on Linksys EA4500 devices with Firmware Version before 2.1.41.164606, as demonstrated by a request to apply.cgi to disable SIP.
References
Link | Resource |
---|---|
https://iscouncil.blogspot.com/2017/08/cross-site-request-forgery.html | Exploit Third Party Advisory |
https://iscouncil.blogspot.com/2017/08/cross-site-request-forgery.html | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
21 Nov 2024, 03:06
Type | Values Removed | Values Added |
---|---|---|
References | () https://iscouncil.blogspot.com/2017/08/cross-site-request-forgery.html - Exploit, Third Party Advisory |
Information
Published : 2017-08-06 18:29
Updated : 2024-11-21 03:06
NVD link : CVE-2017-10677
Mitre link : CVE-2017-10677
CVE.ORG link : CVE-2017-10677
JSON object : View
Products Affected
linksys
- ea4500
- ea4500_firmware
CWE
CWE-352
Cross-Site Request Forgery (CSRF)