CSRF Vulnerability in Intelbras RF1200 Devices
CVE-2019-19517

8.8HIGH

Key Information:

Vendor
Intelbras
Vendor
CVE Published:
5 May 2020

Summary

The RF1200 device from Intelbras has a vulnerability that allows an attacker to exploit Cross-Site Request Forgery (CSRF) attacks to bypass the login.html form, potentially granting unauthorized access. This situation arises due to inadequate validation mechanisms within the device's authentication process, which can be exploited through crafted requests that mimic legitimate user actions.

References

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.