Cross-Site Request Forgery (CSRF) exists on Linksys EA4500 devices with Firmware Version before 2.1.41.164606, as demonstrated by a request to apply.cgi to disable SIP.
References
Link | Resource |
---|---|
https://iscouncil.blogspot.com/2017/08/cross-site-request-forgery.html | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
No history.
Information
Published : 2017-08-06 18:29
Updated : 2024-02-28 16:04
NVD link : CVE-2017-10677
Mitre link : CVE-2017-10677
CVE.ORG link : CVE-2017-10677
JSON object : View
Products Affected
linksys
- ea4500_firmware
- ea4500
CWE
CWE-352
Cross-Site Request Forgery (CSRF)