CVE-2018-6391

A cross-site request forgery web vulnerability has been discovered on Netis WF2419 V2.2.36123 devices. A remote attacker is able to delete Address Reservation List settings.
References
Link Resource
https://0day.today/exploit/29659 Exploit Third Party Advisory
https://packetstormsecurity.com/files/146117/netiswf2419-xsrf.txt Exploit Third Party Advisory VDB Entry
https://www.exploit-db.com/exploits/43919/ Exploit Third Party Advisory VDB Entry
https://0day.today/exploit/29659 Exploit Third Party Advisory
https://packetstormsecurity.com/files/146117/netiswf2419-xsrf.txt Exploit Third Party Advisory VDB Entry
https://www.exploit-db.com/exploits/43919/ Exploit Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:netis-systems:wf2419_firmware:2.2.36123:*:*:*:*:*:*:*
cpe:2.3:h:netis-systems:wf2419:-:*:*:*:*:*:*:*

History

21 Nov 2024, 04:10

Type Values Removed Values Added
References () https://0day.today/exploit/29659 - Exploit, Third Party Advisory () https://0day.today/exploit/29659 - Exploit, Third Party Advisory
References () https://packetstormsecurity.com/files/146117/netiswf2419-xsrf.txt - Exploit, Third Party Advisory, VDB Entry () https://packetstormsecurity.com/files/146117/netiswf2419-xsrf.txt - Exploit, Third Party Advisory, VDB Entry
References () https://www.exploit-db.com/exploits/43919/ - Exploit, VDB Entry, Third Party Advisory () https://www.exploit-db.com/exploits/43919/ - Exploit, Third Party Advisory, VDB Entry

Information

Published : 2018-01-29 19:29

Updated : 2024-11-21 04:10


NVD link : CVE-2018-6391

Mitre link : CVE-2018-6391

CVE.ORG link : CVE-2018-6391


JSON object : View

Products Affected

netis-systems

  • wf2419_firmware
  • wf2419
CWE
CWE-352

Cross-Site Request Forgery (CSRF)