CSRF Vulnerabilities in Cisco Scientific Atlanta WebSTAR DPC2100R2 Cable Modem
CVE-2010-2025

Currently unrated

Key Information:

Vendor: Cisco
Status: Scientific Atlanta Webstar Dpc2100r2
Vendor: CVE Published:; 26 May 2010

What is CVE-2010-2025?

Multiple cross-site request forgery (CSRF) vulnerabilities exist in the web interface of the Cisco Scientific Atlanta WebSTAR DPC2100R2 cable modem. These flaws allow remote attackers to potentially hijack administrative authentication for various critical functions, including resetting the modem, erasing firmware, altering administrative passwords, installing malicious firmware, or modifying access levels. Exploiting these vulnerabilities could severely compromise the modem's security and the integrity of the user's network.

References

http://archives.neohapsis.com/archives/fulldisclosure/201...

mailing-listx_refsource_FULLDISC

http://www.securityfocus.com/bid/40346

vdb-entryx_refsource_BID

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
May 26, 2010