Cross Site Request Forgery in D-Link DSL-2730U by D-Link
CVE-2017-6411

8.8HIGH

Key Information:

Vendor
D-Link
Vendor
CVE Published:
6 March 2017

Summary

The D-Link DSL-2730U C1 IN_1.00 is susceptible to Cross Site Request Forgery (CSRF) attacks that enable remote adversaries to manipulate critical settings such as DNS or firewall configurations and alter passwords. This vulnerability can be exploited without proper authentication, putting users at risk of unauthorized access and potential network compromise.

References

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.