Nepstech Wifi Router xpon (terminal) model NTPL-Xpon1GFEVN v.1.0 Firmware V2.0.1 contains a Cross-Site Request Forgery (CSRF) vulnerability in the password change function, which allows remote attackers to change the admin password without the user's consent, leading to a potential account takeover.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2024-07-17T00:00:00

Updated: 2024-08-02T04:33:11.610Z

Reserved: 2024-07-05T00:00:00

Link: CVE-2024-40119

cve-icon Vulnrichment

Updated: 2024-07-23T14:36:17.244Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-07-17T20:15:06.423

Modified: 2024-11-21T09:30:57.907

Link: CVE-2024-40119

cve-icon Redhat

No data.