CSRF Vulnerability in Multilaser AC1200 Router
CVE-2021-31152

8.8HIGH

Key Information:

Vendor: Multilaser
Status: Ac1200 Re018 Firmware
Vendor: CVE Published:; 14 April 2021

What is CVE-2021-31152?

The Multilaser AC1200 Router is impacted by a cross-site request forgery (CSRF) vulnerability, allowing attackers to execute unauthorized commands by sending specially crafted requests. This flaw can facilitate remote access to the device, enabling actions such as changing passwords and manipulating other crucial settings without user consent. Proper configuration and user awareness are essential to mitigate such risks.

References

https://www.youtube.com/watch?v=zN3DVrcu6Eg

http://packetstormsecurity.com/files/162258/Multilaser-Ro...

http://seclists.org/fulldisclosure/2024/Mar/1

mailing-list

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 14, 2021
Vulnerability Reserved
Apr 13, 2021