MZK-DP300N firmware versions 1.04 and earlier contains a cross-site request forger vulnerability. Viewing a malicious page while logging in to the web management page of the affected product may lead the user to perform unintended operations such as changing the login password, etc.
Metrics
Affected Vendors & Products
References
History
Thu, 26 Sep 2024 14:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Thu, 26 Sep 2024 04:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | MZK-DP300N firmware versions 1.04 and earlier contains a cross-site request forger vulnerability. Viewing a malicious page while logging in to the web management page of the affected product may lead the user to perform unintended operations such as changing the login password, etc. | |
Weaknesses | CWE-352 | |
References |
|
MITRE
Status: PUBLISHED
Assigner: jpcert
Published: 2024-09-26T04:06:47.174Z
Updated: 2024-09-26T13:38:09.590Z
Reserved: 2024-09-10T06:57:25.565Z
Link: CVE-2024-45372
Vulnrichment
Updated: 2024-09-26T13:38:04.884Z
NVD
Status : Awaiting Analysis
Published: 2024-09-26T05:15:12.100
Modified: 2024-09-26T13:32:02.803
Link: CVE-2024-45372
Redhat
No data.