CSRF Vulnerability in Planet IGS-4215-16T2S Firmware Could Trick Authenticated Users into Performing Unintended Actions
CVE-2024-2741

7.1HIGH

Key Information:

Vendor: Planet
Status: Igs-4215-16t2s
Vendor: CVE Published:; 11 April 2024

What is CVE-2024-2741?

A Cross-Site Request Forgery (CSRF) vulnerability exists in the Planet IGS-4215-16T2S, specifically within firmware version 1.305b210528. This vulnerability allows remote attackers to exploit authenticated users by tricking them into executing unauthorized actions through the Switch web interface. Such actions might include adding or updating user accounts without their consent, posing significant security risks to the affected systems.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

IGS-4215-16T2S 1.305b210528

References

https://www.incibe.es/en/incibe-cert/notices/aviso-sci/mu...

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Apr 11, 2024
Vulnerability Reserved
Mar 20, 2024

Credit

J. Daniel Martinez (dan1t0)

JSON

Planet

What is CVE-2024-2741?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Credit

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.