Cross-Site Request Forgery Vulnerability in Cisco DPQ3925
CVE-2015-6378

Currently unrated

Key Information:

Vendor: Cisco
Status: Dpq3925 8x4 Docsis 3.0 Wireless Residential Gateway With Embedded Digital Voice Adapter
Vendor: CVE Published:; 14 December 2015

Summary

The Cisco DPQ3925 devices with EDVA 5.5.2 are susceptible to a cross-site request forgery (CSRF) vulnerability, allowing remote attackers to exploit this flaw. By submitting unauthorized commands, they can potentially hijack the authentication of arbitrary users. This security issue, identified as Bug ID CSCuv05943, poses a significant risk as it can lead to unauthorized access to user information and control over the device.

References

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

http://www.securitytracker.com/id/1034345

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
Dec 14, 2015
Vulnerability Reserved
Aug 17, 2015