Cross-Site Request Forgery Vulnerabilities in Zyxel Wireless Router
CVE-2014-4162

Currently unrated

Key Information:

Vendor: Zyxel
Status: P-660hw
Vendor: CVE Published:; 16 June 2014

Summary

Multiple vulnerabilities in the Zyxel P-660HW-T1 (v3) wireless router enable remote attackers to exploit cross-site request forgery (CSRF) flaws. The attackers can hijack the administrative authentication and send unauthorized requests to change sensitive settings such as the Wi-Fi password or SSID, compromising the security of the network.

References

http://www.exploit-db.com/exploits/33518

exploitx_refsource_EXPLOIT-DB

http://packetstormsecurity.com/files/126812/Zyxel-P-660HW...

x_refsource_MISC

http://secunia.com/advisories/58513

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Jun 16, 2014
Vulnerability Reserved
Jun 16, 2014