Описание
Multiple cross-site request forgery (CSRF) vulnerabilities on the D-Link DI-524 Wireless Router with firmware 9.01 allow remote attackers to (1) change the admin password, (2) reboot the device, or (3) possibly have unspecified other impact via crafted requests to CGI programs.
Ссылки
- ExploitProductThird Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- ExploitProductThird Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:d-link:di-524_firmware:9.01:*:*:*:*:*:*:*
cpe:2.3:h:dlink:di-524:-:*:*:*:*:*:*:*
EPSS
Процентиль: 80%
0.0137
Низкий
8 High
CVSS3
8.5 High
CVSS2
Дефекты
CWE-352
Связанные уязвимости
CVSS3: 8
github
больше 3 лет назад
Multiple cross-site request forgery (CSRF) vulnerabilities on the D-Link DI-524 Wireless Router with firmware 9.01 allow remote attackers to (1) change the admin password, (2) reboot the device, or (3) possibly have unspecified other impact via crafted requests to CGI programs.
EPSS
Процентиль: 80%
0.0137
Низкий
8 High
CVSS3
8.5 High
CVSS2
Дефекты
CWE-352