6.8
CVE-2012-0314
- EPSS 0.16%
- Veröffentlicht 03.02.2012 04:05:51
- Zuletzt bearbeitet 11.04.2025 00:51:21
- Quelle vultures@jpcert.or.jp
- CVE-Watchlists
- Unerledigt
LoginMultiple cross-site request forgery (CSRF) vulnerabilities on the eAccess Pocket WiFi (aka GP02) router before 2.00 with firmware 11.203.11.05.168 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) initialize settings or (2) reboot the device.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Emobile ≫ Pocket Wifi Firmware Version <= 11.203.11.05.168
Emobile ≫ Pocket Wifi Version <= 2.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.16% | 0.341 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.8 | 8.6 | 6.4 |
AV:N/AC:M/Au:N/C:P/I:P/A:P
|
CWE-352 Cross-Site Request Forgery (CSRF)
The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.