exploitDog

GHSA-r3hv-gpww-v5pr

Опубликовано: 17 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Cross-site request forgery (CSRF) vulnerability in the administration console in TP-Link TL-WR840N (V1) router with firmware before 3.13.27 build 141120 allows remote attackers to hijack the authentication of administrators for requests that change router settings via a configuration file import.

Cross-site request forgery (CSRF) vulnerability in the administration console in TP-Link TL-WR840N (V1) router with firmware before 3.13.27 build 141120 allows remote attackers to hijack the authentication of administrators for requests that change router settings via a configuration file import.

Ссылки

EPSS

Процентиль: 32%

0.00128

Низкий

CVE ID

Дефекты

CWE-352

Связанные уязвимости

CVE-2014-9510

nvd

около 11 лет назад

Cross-site request forgery (CSRF) vulnerability in the administration console in TP-Link TL-WR840N (V1) router with firmware before 3.13.27 build 141120 allows remote attackers to hijack the authentication of administrators for requests that change router settings via a configuration file import.

EPSS

Процентиль: 32%

0.00128

Низкий

CVE ID

Дефекты

CWE-352