CVE-2014-10019

Name of the Vulnerable Software and Affected Versions Teracom T2-B-Gawv1.4U10Y-BI modem

Description The issue affects the webconfig/wlan/country.html/country component of the modem, where multiple cross-site request forgery (CSRF) vulnerabilities exist. These vulnerabilities allow remote attackers to hijack the authentication of administrators for specific requests, including changing the SSID or changing the password, by crafting a malicious request.

Recommendations For the Teracom T2-B-Gawv1.4U10Y-BI modem, as a temporary workaround, consider restricting access to the webconfig/wlan/country.html/country component to minimize the risk of exploitation. Avoid using the vulnerable component until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.