Описание
Intelbras NPLUG 1.0.0.14 wireless repeater devices have no CSRF token protection in the web interface, allowing attackers to perform actions such as changing the wireless SSID, rebooting the device, editing access control lists, or activating remote access.
Ссылки
- ExploitMailing ListThird Party Advisory
- ExploitMailing ListThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:intelbras:nplug_firmware:1.0.0.14:*:*:*:*:*:*:*
cpe:2.3:h:intelbras:nplug:-:*:*:*:*:*:*:*
EPSS
Процентиль: 35%
0.00145
Низкий
8.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-352
Связанные уязвимости
CVSS3: 8.8
github
больше 3 лет назад
Intelbras NPLUG 1.0.0.14 wireless repeater devices have no CSRF token protection in the web interface, allowing attackers to perform actions such as changing the wireless SSID, rebooting the device, editing access control lists, or activating remote access.
EPSS
Процентиль: 35%
0.00145
Низкий
8.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-352