Intelbras NPLUG 1.0.0.14 wireless repeater devices have no CSRF token protection in the web interface, allowing attackers to perform actions such as changing the wireless SSID, rebooting the device, editing access control lists, or activating remote access.
References
Link | Resource |
---|---|
http://seclists.org/fulldisclosure/2018/Oct/18 | Exploit Mailing List Third Party Advisory |
http://seclists.org/fulldisclosure/2018/Oct/18 | Exploit Mailing List Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
21 Nov 2024, 03:45
Type | Values Removed | Values Added |
---|---|---|
References | () http://seclists.org/fulldisclosure/2018/Oct/18 - Exploit, Mailing List, Third Party Advisory |
Information
Published : 2018-10-10 21:29
Updated : 2024-11-21 03:45
NVD link : CVE-2018-12456
Mitre link : CVE-2018-12456
CVE.ORG link : CVE-2018-12456
JSON object : View
Products Affected
intelbras
- nplug_firmware
- nplug
CWE
CWE-352
Cross-Site Request Forgery (CSRF)