Описание
Cross-site request forgery (CSRF) vulnerability in NETGEAR switching hubs (GS716Tv2 Firmware version 5.4.2.30 and earlier, and GS724Tv3 Firmware version 5.4.2.30 and earlier) allow remote attackers to hijack the authentication of administrators and alter the settings of the device via unspecified vectors.
Ссылки
- Third Party Advisory
- Third Party Advisory
- PatchVendor Advisory
- PatchVendor Advisory
- Third Party Advisory
- Third Party Advisory
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 5.4.2.30 (включая)
Одновременно
cpe:2.3:o:netgear:gs716tv2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:gs716t:v2:*:*:*:*:*:*:*
Конфигурация 2Версия до 5.4.2.30 (включая)
Одновременно
cpe:2.3:o:netgear:gs724tv3_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:gs724t:v3:*:*:*:*:*:*:*
EPSS
Процентиль: 37%
0.00157
Низкий
4.3 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-352
Связанные уязвимости
github
больше 3 лет назад
Cross-site request forgery (CSRF) vulnerability in NETGEAR switching hubs (GS716Tv2 Firmware version 5.4.2.30 and earlier, and GS724Tv3 Firmware version 5.4.2.30 and earlier) allow remote attackers to hijack the authentication of administrators and alter the settings of the device via unspecified vectors.
EPSS
Процентиль: 37%
0.00157
Низкий
4.3 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-352