CVE-2020-25015

Name of the Vulnerable Software and Affected Versions Genexis Platinum 4410 V2 version 2.1 (software version P4410-V2-1.28)

Description The issue allows for changing the Wi-Fi password remotely due to Broken Access Control and CSRF. This could potentially be exploited to gain unauthorized access to the Wi-Fi network.

Recommendations For Genexis Platinum 4410 V2 version 2.1 (software version P4410-V2-1.28), as a temporary workaround, consider disabling remote access to the router's configuration until a patch is available. Restrict access to the router's web interface to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.