Nepstech Wifi Router xpon (terminal) model NTPL-Xpon1GFEVN v.1.0 Firmware V2.0.1 contains a Cross-Site Request Forgery (CSRF) vulnerability in the password change function, which allows remote attackers to change the admin password without the user's consent, leading to a potential account takeover.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2024-07-17T00:00:00
Updated: 2024-08-02T04:33:11.610Z
Reserved: 2024-07-05T00:00:00
Link: CVE-2024-40119
Vulnrichment
Updated: 2024-07-23T14:36:17.244Z
NVD
Status : Awaiting Analysis
Published: 2024-07-17T20:15:06.423
Modified: 2024-11-21T09:30:57.907
Link: CVE-2024-40119
Redhat
No data.