PT-2012-2490 · Access · Eaccess Pocket Wifi
Naoto Katsumi
·
Publicado
2012-02-03
·
Atualizado
2012-02-09
·
CVE-2012-0314
CVSS v2.0
6.8
Média
| Vetor | AV:N/AC:M/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
eAccess Pocket WiFi (aka GP02) router versions prior to 2.00 with firmware 11.203.11.05.168
Description
The issue allows remote attackers to hijack the authentication of administrators for requests that initialize settings or reboot the device, due to multiple cross-site request forgery (CSRF) vulnerabilities.
Recommendations
For versions prior to 2.00 with firmware 11.203.11.05.168, update the firmware to a version later than 11.203.11.05.168 to resolve the issue.
Correção
CSRF
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Eaccess Pocket Wifi