PT-2012-2490 · Access · Eaccess Pocket Wifi
Naoto Katsumi
·
Published
2012-02-03
·
Updated
2012-02-09
·
CVE-2012-0314
CVSS v2.0
6.8
Medium
| Vector | AV:N/AC:M/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
eAccess Pocket WiFi (aka GP02) router versions prior to 2.00 with firmware 11.203.11.05.168
Description
The issue allows remote attackers to hijack the authentication of administrators for requests that initialize settings or reboot the device, due to multiple cross-site request forgery (CSRF) vulnerabilities.
Recommendations
For versions prior to 2.00 with firmware 11.203.11.05.168, update the firmware to a version later than 11.203.11.05.168 to resolve the issue.
Fix
CSRF
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Eaccess Pocket Wifi