Описание
The affected product is vulnerable to cross-site request forgery, which may allow an attacker to modify different configurations of a device by luring an authenticated user to click on a crafted link on the N-Tron 702-W / 702M12-W (all versions).
Ссылки
- Third Party Advisory
- Third Party Advisory
- Third Party AdvisoryUS Government Resource
- Third Party Advisory
- Third Party Advisory
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:redlion:n-tron_702-w_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:redlion:n-tron_702-w:-:*:*:*:*:*:*:*
Конфигурация 2
Одновременно
cpe:2.3:o:redlion:n-tron_702m12-w_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:redlion:n-tron_702m12-w:-:*:*:*:*:*:*:*
EPSS
Процентиль: 49%
0.00256
Низкий
8.8 High
CVSS3
9.3 Critical
CVSS2
Дефекты
CWE-352
Связанные уязвимости
github
больше 3 лет назад
The affected product is vulnerable to cross-site request forgery, which may allow an attacker to modify different configurations of a device by luring an authenticated user to click on a crafted link on the N-Tron 702-W / 702M12-W (all versions).
EPSS
Процентиль: 49%
0.00256
Низкий
8.8 High
CVSS3
9.3 Critical
CVSS2
Дефекты
CWE-352