NetGear · Netgear Jnr1010 · CVE-2016-11015
**Name of the Vulnerable Software and Affected Versions**
NETGEAR JNR1010 devices versions prior to 1.0.0.32
**Description**
The issue allows for CSRF via the `:InternetGatewayDevice.X TWSZ-COM URL Filter.BlackList.1.URL` parameter in the cgi-bin/webproc endpoint.
**Recommendations**
For versions prior to 1.0.0.32, update to version 1.0.0.32 or later to resolve the issue.