CVE-2015-7284

8HIGH

Key Information:

Vendor: Zyxel
Status: Nbg-418n Firmware; Nbg-418n
Vendor: CVE Published:; 31 December 2015

Summary

Cross-site request forgery (CSRF) vulnerability on ZyXEL NBG-418N devices with firmware 1.00(AADZ.3)C0 allows remote attackers to hijack the authentication of arbitrary users.

References

http://www.securitytracker.com/id/1034554

vdb-entryx_refsource_SECTRACK

http://www.securityfocus.com/bid/78819

vdb-entryx_refsource_BID

https://www.kb.cert.org/vuls/id/330000

third-party-advisoryx_refsource_CERT-VN

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Dec 31, 2015
Vulnerability Reserved
Sep 18, 2015