Santa Clause

**Name of the Vulnerable Software and Affected Versions** ZyXEL P-330W router (affected versions not specified) **Description** The issue concerns multiple cross-site request forgery (CSRF) vulnerabilities in the web management interface. These vulnerabilities allow remote attackers to hijack the authentication of administrators for specific requests, including enabling remote router management via "goform/formRmtMgt" and modifying the administrator password via "goform/formPasswordSetup". **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.