Cross-Site Request Forgery Vulnerability in Belkin F9K1102 Devices
CVE-2015-5990

8.8HIGH

Key Information:

Vendor: Zyxel
Status: Gs1900-10HP Firmware
Vendor: CVE Published:; 31 December 2015

Summary

A Cross-Site Request Forgery (CSRF) vulnerability exists in Belkin F9K1102 devices running firmware version 2.10.17. This flaw allows remote attackers to exploit the affected devices by hijacking the authentication process of arbitrary users, leading to unauthorized actions being performed on behalf of legitimate users. It is crucial for users to implement preventive measures and updates to safeguard their systems from potential attacks.

References

https://www.kb.cert.org/vuls/id/201168

third-party-advisoryx_refsource_CERT-VN

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Dec 31, 2015
Vulnerability Reserved
Aug 14, 2015