CVE-2016-11015: NETGEAR JNR1010 devices before 1.0.0.32 allow cgi-bin/webproc CSRF via the :InternetGatewayDevice.X_TWSZ-COM_URL_Filter.BlackList.1.URL parameter.

medium6.5CVSS 3.1

AVNACLPRNUIRSUCNIHAN

NETGEAR JNR1010 devices before 1.0.0.32 allow cgi-bin/webproc CSRF via the :InternetGatewayDevice.X_TWSZ-COM_URL_Filter.BlackList.1.URL parameter.

1 ranges

Vendor	Product	Version range	Fixed in
netgear	jnr1010_firmware	< 1.0.0.32	1.0.0.32