Cross-Site Request Forgery Vulnerability in Beetel Router by Beetel
CVE-2014-3792

Currently unrated

Key Information:

Vendor

Beetel

Status
450tc2 Router Firmware
450tc2 Router
Vendor
CVE Published:
20 May 2014

What is CVE-2014-3792?

A Cross-Site Request Forgery (CSRF) vulnerability exists in the Beetel 450TC2 Router with firmware TX6-0Q-005_retail. This flaw permits remote attackers to exploit the router's web interface, hijacking the session of an authenticated administrator to change sensitive settings, such as the administrator password. By targeting the uiViewTools_Password and uiViewTools_PasswordConfirm parameters, attackers can craft malicious requests that manipulate the administrator settings without the victim's consent, leading to unauthorized access and control of the device.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://osvdb.org/show/osvdb/106468
vdb-entryx_refsource_OSVDB
http://secunia.com/advisories/58365
third-party-advisoryx_refsource_SECUNIA
http://packetstormsecurity.com/files/126426/Beetel-450TC2...
x_refsource_MISC

Timeline

  • Vulnerability Reserved

  • Vulnerability published

JSON
.