CSRF Vulnerabilities in Cisco Scientific Atlanta WebSTAR DPC2100R2 Cable Modem
CVE-2010-2025

Currently unrated

Key Information:

Vendor
Cisco
Status
Scientific Atlanta Webstar Dpc2100r2
Vendor
CVE Published:
26 May 2010

Summary

Multiple cross-site request forgery (CSRF) vulnerabilities exist in the web interface of the Cisco Scientific Atlanta WebSTAR DPC2100R2 cable modem. These flaws allow remote attackers to potentially hijack administrative authentication for various critical functions, including resetting the modem, erasing firmware, altering administrative passwords, installing malicious firmware, or modifying access levels. Exploiting these vulnerabilities could severely compromise the modem's security and the integrity of the user's network.

References

http://archives.neohapsis.com/archives/fulldisclosure/201...
mailing-listx_refsource_FULLDISC
http://www.securityfocus.com/bid/40346
vdb-entryx_refsource_BID

Timeline

  • Vulnerability Reserved

  • Vulnerability published

.