CVE-2019-25250

Name of the Vulnerable Software and Affected Versions Devolo dLAN 500 AV Wireless+ version 3.1.0-1

Description The software contains a cross-site request forgery issue that enables attackers to perform administrative actions without proper request validation. Attackers can create malicious web pages that initiate unauthorized configuration changes by exploiting predictable URL actions when a logged-in user visits the site.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.