CVE-2023-47677

A cross-site request forgery (csrf) vulnerability exists in the boa CSRF protection functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted network request can lead to CSRF. An attacker can send an HTTP request to trigger this vulnerability.
References
Link Resource
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1872 Exploit Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:realtek:rtl819x_jungle_software_development_kit:3.4.11:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:level1:wbr-6013_firmware:rer4_a_v3411b_2t2r_lev_09_170623:*:*:*:*:*:*:*
cpe:2.3:h:level1:wbr-6013:-:*:*:*:*:*:*:*

History

11 Jul 2024, 16:01

Type Values Removed Values Added
First Time Level1
Level1 wbr-6013 Firmware
Level1 wbr-6013
Realtek rtl819x Jungle Software Development Kit
Realtek
References () https://talosintelligence.com/vulnerability_reports/TALOS-2023-1872 - () https://talosintelligence.com/vulnerability_reports/TALOS-2023-1872 - Exploit, Third Party Advisory
Summary
  • (es) Existe una vulnerabilidad de cross-site request forgery (csrf) en la funcionalidad de protección boa CSRF de Realtek rtl819x Jungle SDK v3.4.11. Una solicitud de red especialmente manipulada puede generar CSRF. Un atacante puede enviar una solicitud HTTP para desencadenar esta vulnerabilidad.
CPE cpe:2.3:a:realtek:rtl819x_jungle_software_development_kit:3.4.11:*:*:*:*:*:*:*
cpe:2.3:o:level1:wbr-6013_firmware:rer4_a_v3411b_2t2r_lev_09_170623:*:*:*:*:*:*:*
cpe:2.3:h:level1:wbr-6013:-:*:*:*:*:*:*:*

08 Jul 2024, 16:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-07-08 16:15

Updated : 2024-07-11 16:01


NVD link : CVE-2023-47677

Mitre link : CVE-2023-47677

CVE.ORG link : CVE-2023-47677


JSON object : View

Products Affected

level1

  • wbr-6013
  • wbr-6013_firmware

realtek

  • rtl819x_jungle_software_development_kit
CWE
CWE-352

Cross-Site Request Forgery (CSRF)