Ali Can Gönüllü

**Name of the Vulnerable Software and Affected Versions** AirTies Air5341 version 1.0.0.12 **Description** The issue allows for a CSRF attack on the cgi-bin/login endpoint. **Recommendations** For AirTies Air5341 version 1.0.0.12, consider implementing CSRF protection measures, such as token-based validation, to prevent unauthorized access to the cgi-bin/login endpoint.

**Name of the Vulnerable Software and Affected Versions** Zyxel NBG-418N v2 version 1.00(AAXM.4)C0 **Description** The issue allows for a CSRF attack via the "login.cgi" API endpoint. This could potentially be exploited by tricking a user into performing unintended actions. **Recommendations** For Zyxel NBG-418N v2 version 1.00(AAXM.4)C0, as a temporary workaround, consider restricting access to the "login.cgi" API endpoint until a patch is available.