ID
VAR-E-201706-0398
CVE
| cve_id: | CVE-2017-2238 | Trust: 0.3 |
sources:
BID: 99516
TITLE
Toshiba Home Gateway CVE-2017-2238 Cross Site Request Forgery Vulnerability
Trust: 0.3
sources:
BID: 99516
DESCRIPTION
Toshiba Home Gateway is prone to a cross-site request-forgery vulnerability.
Exploiting the issue will allow a remote attacker to use a victim's currently active session to hijack the authentication of administrators. Successful exploits will compromise affected device.
Trust: 0.3
sources:
BID: 99516
AFFECTED PRODUCTS
| vendor: | toshiba | model: | home gateway hem-gw26a hem-gw26a-fw-v1.2.0 | scope: | - | version: | - | Trust: 0.3 |
| vendor: | toshiba | model: | home gateway hem-gw16a hem-gw16a-fw-v1.2.0 | scope: | - | version: | - | Trust: 0.3 |
sources:
BID: 99516
EXPLOIT
To exploit this issue an attacker must entice an unsuspecting victim to view a malicious web page.
Trust: 0.3
sources:
BID: 99516
PRICE
Free
Trust: 0.3
sources:
BID: 99516
TYPE
Input Validation Error
Trust: 0.3
sources:
BID: 99516
CREDITS
Yutaka Kokubu of Mitsui Bussan Secure Directions, Inc.
Trust: 0.3
sources:
BID: 99516
EXTERNAL IDS
| db: | JVN | id: | JVN85901441 | Trust: 0.3 |
| db: | NVD | id: | CVE-2017-2238 | Trust: 0.3 |
| db: | BID | id: | 99516 | Trust: 0.3 |
sources:
BID: 99516
REFERENCES
| url: | http://www.toshiba.com/ | Trust: 0.3 |
| url: | http://jvn.jp/en/jp/jvn85901441/index.html | Trust: 0.3 |
sources:
BID: 99516
SOURCES
| db: | BID | id: | 99516 |
LAST UPDATE DATE
2022-07-27T09:18:24.861000+00:00
SOURCES UPDATE DATE
| db: | BID | id: | 99516 | date: | 2017-06-27T00:00:00 |
SOURCES RELEASE DATE
| db: | BID | id: | 99516 | date: | 2017-06-27T00:00:00 |