CVE-2015-5996
published 2015-12-31CVE-2015-5996: Cross-site request forgery (CSRF) vulnerability on Mediabridge Medialink MWN-WAPR300N devices with firmware 5.07.50 allows remote attackers to hijack the…
PriorityP347high8.8CVSS 3.0
AVNACLPRNUIRSUCHIHAH
EXPLOIT
EPSS
1.38%
68.8th percentile
Cross-site request forgery (CSRF) vulnerability on Mediabridge Medialink MWN-WAPR300N devices with firmware 5.07.50 allows remote attackers to hijack the authentication of arbitrary users.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| mediabridge | medialink_mwn-wapr300n_firmware | <= 5.07.50 | — |
CVSS provenance
nvdv3.08.8HIGHCVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Trendmicro
Exploit Kit
blogs_trendmicro·2018-12-11
Exploit Kit
Cyber Threats
## Exploit Kit "Novidade" Found Targeting Home Routers
Analysis of the Novidade exploit kit that targets routers by changing their DNS settings via cross-site request forgery, enabling attacks on a victim’s mobile device or desktop through web applications in which they’re authenticated with.
By: Joseph C Chen 2018/12/11 Read time: ( words)
Save to Folio
We identified a new exploit kit we named Novidade that targets home or small office routers by changing their Domain Name System (DNS) settings via cross-site request forgery (CSRF), enabling attacks on a victim’s mobile device or desktop through web applications in which they’re authenticated with. Once the DNS setting is changed to that of a malicious server, the attacker can execute a pharming attack, redirecting the
Trendmicro
Exploit Kit
blogs_trendmicro·2018-12-11
Exploit Kit
Ciberamenazas
## Exploit Kit "Novidade" Found Targeting Home Routers
Analysis of the Novidade exploit kit that targets routers by changing their DNS settings via cross-site request forgery, enabling attacks on a victim’s mobile device or desktop through web applications in which they’re authenticated with.
By: Joseph C Chen Dec 11, 2018 Read time: ( words)
Save to Folio
We identified a new exploit kit we named Novidade that targets home or small office routers by changing their Domain Name System (DNS) settings via cross-site request forgery (CSRF), enabling attacks on a victim’s mobile device or desktop through web applications in which they’re authenticated with. Once the DNS setting is changed to that of a malicious server, the attacker can execute a pharming attack, redirecting th
Trendmicro
Exploit Kit
blogs_trendmicro·2018-12-11
Exploit Kit
Cyber Threats
## Exploit Kit "Novidade" Found Targeting Home Routers
Analysis of the Novidade exploit kit that targets routers by changing their DNS settings via cross-site request forgery, enabling attacks on a victim’s mobile device or desktop through web applications in which they’re authenticated with.
By: Joseph C Chen Dec 11, 2018 Read time: ( words)
Save to Folio
We identified a new exploit kit we named Novidade that targets home or small office routers by changing their Domain Name System (DNS) settings via cross-site request forgery (CSRF), enabling attacks on a victim’s mobile device or desktop through web applications in which they’re authenticated with. Once the DNS setting is changed to that of a malicious server, the attacker can execute a pharming attack, redirecting th
Trendmicro
Exploit Kit
blogs_trendmicro·2018-12-11
Exploit Kit
Cyber Threats
# Exploit Kit "Novidade" Found Targeting Home Routers
Analysis of the Novidade exploit kit that targets routers by changing their DNS settings via cross-site request forgery, enabling attacks on a victim’s mobile device or desktop through web applications in which they’re authenticated with.
By: Joseph C Chen
2018/12/11
Read time: ( words)
Save to Folio
We identified a new exploit kit we named Novidade that targets home or small office routers by changing their Domain Name System (DNS) settings via cross-site request forgery (CSRF), enabling attacks on a victim’s mobile device or desktop through web applications in which they’re authenticated with. Once the DNS setting is changed to that of a malicious server, the attacker can execute a pharming attack, redirecting the
Trendmicro
Exploit Kit
blogs_trendmicro·2018-12-11
Exploit Kit
Cyberbedrohungen
## Exploit Kit "Novidade" Found Targeting Home Routers
Analysis of the Novidade exploit kit that targets routers by changing their DNS settings via cross-site request forgery, enabling attacks on a victim’s mobile device or desktop through web applications in which they’re authenticated with.
By: Joseph C Chen Dec 11, 2018 Read time: ( words)
Save to Folio
We identified a new exploit kit we named Novidade that targets home or small office routers by changing their Domain Name System (DNS) settings via cross-site request forgery (CSRF), enabling attacks on a victim’s mobile device or desktop through web applications in which they’re authenticated with. Once the DNS setting is changed to that of a malicious server, the attacker can execute a pharming attack, redirecting
2015-12-31
Published