CSRF Vulnerability in Intelbras NPLUG Wireless Repeater
CVE-2018-12456
8.8HIGH
Summary
The Intelbras NPLUG 1.0.0.14 wireless repeater is susceptible to a Cross-Site Request Forgery (CSRF) vulnerability due to its lack of CSRF token protection in the web interface. This oversight allows attackers to exploit the device by executing unauthorized actions, such as modifying the wireless SSID, rebooting the device, altering access control lists, or enabling remote access, thereby compromising network security.
References
CVSS V3.1
Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved