ID
VAR-201103-0383
TITLE
Comtrend CT-5367 ADSL Router Cross-Site Forgery Vulnerability
Trust: 0.6
DESCRIPTION
Comtrend CT-5367 ADSL Router is an ADSL router. Comtrend CT-5367 ADSL Router has a cross-site request forgery vulnerability that allows remote attackers to construct malicious links that entice an administrator to click, which can result in malicious actions with administrator privileges. Attackers can exploit this issue by tricking an unsuspecting user into visiting a malicious webpage. The page will consist of specially crafted script code designed to perform some action on the attacker's behalf. Successful exploits can allow attackers to run privileged commands on the affected device
Trust: 0.81
IOT TAXONOMY
| category: | ['Network device'] | sub_category: | - | Trust: 0.6 |
AFFECTED PRODUCTS
| vendor: | comtrend | model: | ct-5367 a111-312btc-c01 r12 | scope: | - | version: | - | Trust: 0.9 |
THREAT TYPE
network
Trust: 0.3
TYPE
Design Error
Trust: 0.3
EXTERNAL IDS
| db: | BID | id: | 46741 | Trust: 0.9 |
| db: | CNVD | id: | CNVD-2011-0950 | Trust: 0.6 |
REFERENCES
| url: | http://www.securityfocus.com/bid/46741/ | Trust: 0.6 |
| url: | http://www.comtrend.com/ | Trust: 0.3 |
CREDITS
Todor Donev
Trust: 0.3
SOURCES
| db: | CNVD | id: | CNVD-2011-0950 |
| db: | BID | id: | 46741 |
LAST UPDATE DATE
2022-05-17T01:57:59.273000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2011-0950 | date: | 2011-03-08T00:00:00 |
| db: | BID | id: | 46741 | date: | 2011-03-04T00:00:00 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2011-0950 | date: | 2011-03-08T00:00:00 |
| db: | BID | id: | 46741 | date: | 2011-03-04T00:00:00 |