Clickjacking Vulnerability in Cisco Linksys E4200 Routers
CVE-2013-2682

4.3MEDIUM

Key Information:

Vendor

Cisco
Status
Linksys E4200 Firmware
Vendor
CVE Published:
5 February 2020

What is CVE-2013-2682?

Cisco Linksys E4200 routers running firmware version 1.0.05 Build 7 are exposed to a clickjacking vulnerability. This security flaw allows remote attackers to trick users into clicking on hidden elements of a webpage, potentially leading to the unauthorized disclosure of sensitive information. Exploiting this vulnerability could enable malicious actors to carry out various actions on behalf of unsuspecting users, raising significant security concerns.

References

http://www.securityfocus.com/bid/59717
vdb-entryx_refsource_BID
http://packetstormsecurity.com/files/121551/Cisco-Linksys...
x_refsource_MISC
https://exchange.xforce.ibmcloud.com/vulnerabilities/84071
vdb-entryx_refsource_XF

CVSS V3.1

Score:
4.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.