CVE-2018-0647

CWE-352Cross-Site Request Forgery (CSRF)3 documents3 sources
Severity
8.8HIGH
EPSS
0.2%
top 63.50%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Asus Wl-330nul FirmwareAsus Japan Inc. Wl-330nul
Timeline
PublishedSep 7
Latest updateMay 14

Description

Cross-site request forgery (CSRF) vulnerability in WL-330NUL Firmware version prior to 3.0.0.46 allows remote attackers to hijack the authentication of administrators via unspecified vectors.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages2 packages

NVDasus/wl-330nul_firmware< 3.0.0.46
CVEListV5asus_japan_inc./wl-330nulFirmware version prior to 3.0.0.46

🔴Vulnerability Details

2
GHSA
GHSA-r3qg-8jc3-g2mr: Cross-site request forgery (CSRF) vulnerability in WL-330NUL Firmware version prior to 32022-05-14
CVEList
CVE-2018-0647: Cross-site request forgery (CSRF) vulnerability in WL-330NUL Firmware version prior to 32018-09-07
CVE-2018-0647 (HIGH CVSS 8.8) | Cross-site request forgery (CSRF) v | cvebase.io