PT-2024-20555 · Levelone · Levelone Wbr-6012
Patrick Desantis
·
Published
2024-10-30
·
Updated
2024-11-08
·
CVE-2024-24777
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
LevelOne WBR-6012 version R0.40e6
Description
A cross-site request forgery (CSRF) issue exists in the Web Application functionality. This allows an attacker to stage a malicious web page that can trigger the vulnerability, leading to unauthorized access through a specially crafted HTTP request.
Recommendations
For LevelOne WBR-6012 version R0.40e6, consider disabling access to the Web Application functionality until a patch is available to prevent exploitation of the CSRF vulnerability. Restrict access to the router's web interface to minimize the risk of unauthorized access.
Exploit
Fix
CSRF
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Levelone Wbr-6012