Emobile Pocket WiFi GP02 Cross-Site Request Forgery Vulnerability
BID:51782
Info
Emobile Pocket WiFi GP02 Cross-Site Request Forgery Vulnerability
| Bugtraq ID: | 51782 |
| Class: | Design Error |
| CVE: |
CVE-2012-0314 |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 01 2012 12:00AM |
| Updated: | Feb 01 2012 12:00AM |
| Credit: | Naoto Katsumi of LAC Co |
| Vulnerable: |
eAccess Emobile Pocket WiFi GP02 11.203.11.05.168 |
| Not Vulnerable: | |
Discussion
Emobile Pocket WiFi GP02 Cross-Site Request Forgery Vulnerability
Emobile Pocket WiFi GP02 is prone to a cross-site request-forgery vulnerability.
Successful exploits can result in privileged commands running on the affected devices, including changing settings and rebooting the device. This may lead to further network-based attacks.
Emobile Pocket WiFi GP02 11.203.11.05.168 and prior are vulnerable.
Emobile Pocket WiFi GP02 is prone to a cross-site request-forgery vulnerability.
Successful exploits can result in privileged commands running on the affected devices, including changing settings and rebooting the device. This may lead to further network-based attacks.
Emobile Pocket WiFi GP02 11.203.11.05.168 and prior are vulnerable.
Exploit / POC
Emobile Pocket WiFi GP02 Cross-Site Request Forgery Vulnerability
To exploit this issue, an attacker must entice an unsuspecting victim into following a malicious URI.
To exploit this issue, an attacker must entice an unsuspecting victim into following a malicious URI.
Solution / Fix
Emobile Pocket WiFi GP02 Cross-Site Request Forgery Vulnerability
Solution:
Updates are available. Please contact the vendor for more information.
Solution:
Updates are available. Please contact the vendor for more information.
References
Emobile Pocket WiFi GP02 Cross-Site Request Forgery Vulnerability
References:
References: