NEC Aterm Series Routers CVE-2013-0717 Multiple Cross Site Request Forgery Vulnerabilities
BID:58625
Info
NEC Aterm Series Routers CVE-2013-0717 Multiple Cross Site Request Forgery Vulnerabilities
| Bugtraq ID: | 58625 |
| Class: | Design Error |
| CVE: |
CVE-2013-0717 |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 19 2013 12:00AM |
| Updated: | Mar 19 2013 12:00AM |
| Credit: | Sen UENO of Tricorder Co. Ltd, Hiroshi Kumagai and Kimura Youichi |
| Vulnerable: |
NEC AtermWR9500N 0 NEC AtermWR8600N 0 NEC AtermWR8370N 0 NEC AtermWR8160N 0 NEC AtermWM3600R 0 NEC AtermWM3450RN 0 |
| Not Vulnerable: |
NEC AtermWR9300N 0 NEC AtermWR8750N 0 NEC AtermWR8175N 0 NEC AtermWM3800R 0 |
Discussion
NEC Aterm Series Routers CVE-2013-0717 Multiple Cross Site Request Forgery Vulnerabilities
NEC Aterm series routers are prone to multiple cross-site request-forgery vulnerabilities.
Exploiting these issues may allow a remote attacker to perform certain unauthorized actions. This may lead to further attacks.
NEC Aterm series routers are prone to multiple cross-site request-forgery vulnerabilities.
Exploiting these issues may allow a remote attacker to perform certain unauthorized actions. This may lead to further attacks.
Exploit / POC
NEC Aterm Series Routers CVE-2013-0717 Multiple Cross Site Request Forgery Vulnerabilities
To exploit these issues an attacker must entice an unsuspecting victim to visit a malicious webpage.
To exploit these issues an attacker must entice an unsuspecting victim to visit a malicious webpage.
Solution / Fix
NEC Aterm Series Routers CVE-2013-0717 Multiple Cross Site Request Forgery Vulnerabilities
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
NEC Aterm Series Routers CVE-2013-0717 Multiple Cross Site Request Forgery Vulnerabilities
References:
References: