Description
An attacker could send a malicious link to an authenticated operator, which may allow remote attackers to perform actions with the permissions of the user on the Sunny WebBox Firmware Version 1.6 and prior. This device uses IP addresses to maintain communication after a successful login, which would increase the ease of exploitation.
No analysis available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
EUVD |
EUVD-2019-4984 | An attacker could send a malicious link to an authenticated operator, which may allow remote attackers to perform actions with the permissions of the user on the Sunny WebBox Firmware Version 1.6 and prior. This device uses IP addresses to maintain communication after a successful login, which would increase the ease of exploitation. |
References
History
Mon, 13 Jul 2026 17:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| References |
| |
| Metrics |
ssvc
|
Status: PUBLISHED
Assigner: icscert
Published:
Updated: 2026-07-13T16:27:49.134Z
Reserved: 2019-07-11T00:00:00.000Z
Link: CVE-2019-13529
Updated: 2024-08-04T23:57:39.443Z
Status : Modified
Published: 2019-10-09T16:15:14.310
Modified: 2026-06-17T02:16:55.020
Link: CVE-2019-13529
No data.
OpenCVE Enrichment
No data.
Weaknesses
-
CWE-352
Cross-Site Request Forgery (CSRF)
EUVD