Cross Site Request Forgery Vulnerability in Intelbras Router RF 301K Firmware
CVE-2021-32402

8.8HIGH

Key Information:

Vendor: Intelbras
Status: Rf 301k Firmware
Vendor: CVE Published:; 17 May 2021

What is CVE-2021-32402?

The Intelbras Router RF 301K Firmware version 1.1.2 is susceptible to Cross Site Request Forgery (CSRF) attacks due to inadequate validation mechanisms and insecure configurations in its inputs and modules. This vulnerability can allow attackers to exploit user sessions, potentially leading to unauthorized actions being executed on behalf of unsuspecting users.

References

https://www.youtube.com/watch?v=X2cU9MBN2Ys

x_refsource_MISC

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 17, 2021
Vulnerability Reserved
May 7, 2021