Atsuo Sakurai

Name of the Vulnerable Software and Affected Versions: LOGITEC LAN-W300N/RS (affected versions not specified) Description: A cross-site request forgery (CSRF) issue allows remote attackers to hijack the authentication of administrators via a specially crafted URL, potentially leading to unintended operations on the device, such as changes to device settings. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** L-04D firmware versions V10a through V10b **Description** A cross-site request forgery (CSRF) issue allows remote attackers to hijack the authentication of administrators, enabling them to perform arbitrary operations. The exact vectors used for exploitation are not specified. **Recommendations** For L-04D firmware versions V10a and V10b, consider implementing additional authentication checks to prevent CSRF attacks, such as token-based validation, until a patched version is available.