ID
VAR-201903-0209
CVE
CVE-2019-7391
TITLE
ZyXEL VMG3312-B10B DSL-491HNU-B1B v2 Cross-site request forgery vulnerability in device
Trust: 0.8
sources:
JVNDB: JVNDB-2019-002915
DESCRIPTION
ZyXEL VMG3312-B10B DSL-491HNU-B1B v2 The device contains a cross-site request forgery vulnerability.Information is acquired, information is falsified, and denial of service (DoS) May be in a state. ZyXEL VMG3312-B10B DSL-491HNU-B1B v2 modem is a modem made by ZyXEL company in Taiwan, China. A remote attacker could exploit this vulnerability to perform unauthorized operations
Trust: 0.81
sources:
JVNDB: JVNDB-2019-002915 //
VULHUB: VHN-158826
AFFECTED PRODUCTS
| vendor: | zyxel | model: | dsl-491hnu-b10b | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | zyxel | model: | dsl-491hnu-b1b v2 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | zyxel | model: | dsl-491hnu-b10b | scope: | - | version: | - | Trust: 0.8 |
| vendor: | zyxel | model: | dsl-491hnu-b1b v2 | scope: | - | version: | - | Trust: 0.8 |
sources:
JVNDB: JVNDB-2019-002915 //
NVD: CVE-2019-7391
CVSS
SEVERITY | CVSSV2 | CVSSV3 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
sources:
VULHUB: VHN-158826 //
JVNDB: JVNDB-2019-002915 //
CNNVD: CNNVD-201902-610 //
NVD: CVE-2019-7391
PROBLEMTYPE DATA
| problemtype: | CWE-352 | Trust: 1.9 |
sources:
VULHUB: VHN-158826 //
JVNDB: JVNDB-2019-002915 //
NVD: CVE-2019-7391
THREAT TYPE
remote
Trust: 0.6
sources:
CNNVD: CNNVD-201902-610
TYPE
cross-site request forgery
Trust: 0.6
sources:
CNNVD: CNNVD-201902-610
CONFIGURATIONS
sources:
JVNDB: JVNDB-2019-002915
PATCH
| title: | Top Page | url: | https://www.zyxel.com/us/en/homepage.shtml | Trust: 0.8 |
sources:
JVNDB: JVNDB-2019-002915
EXTERNAL IDS
| db: | NVD | id: | CVE-2019-7391 | Trust: 2.5 |
| db: | PACKETSTORM | id: | 151550 | Trust: 2.5 |
| db: | EXPLOIT-DB | id: | 46326 | Trust: 1.7 |
| db: | JVNDB | id: | JVNDB-2019-002915 | Trust: 0.8 |
| db: | CNNVD | id: | CNNVD-201902-610 | Trust: 0.7 |
| db: | VULHUB | id: | VHN-158826 | Trust: 0.1 |
sources:
VULHUB: VHN-158826 //
JVNDB: JVNDB-2019-002915 //
CNNVD: CNNVD-201902-610 //
NVD: CVE-2019-7391
REFERENCES
| url: | http://packetstormsecurity.com/files/151550/zyxel-vmg3312-b10b-dsl-491hnu-b1-v2-cross-site-request-forgery.html | Trust: 2.5 |
| url: | https://www.exploit-db.com/exploits/46326/ | Trust: 1.7 |
| url: | https://twitter.com/h1_yusuf | Trust: 1.7 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2019-7391 | Trust: 1.4 |
| url: | https://www.owasp.org/index.php/cross-site_request_forgery_%28csrf%29 | Trust: 1.1 |
| url: | https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-7391 | Trust: 0.8 |
| url: | https://www.owasp.org/index.php/cross-site_request_forgery_(csrf) | Trust: 0.6 |
| url: | https://www.exploit-db.com/exploits/46326 | Trust: 0.6 |
sources:
VULHUB: VHN-158826 //
JVNDB: JVNDB-2019-002915 //
CNNVD: CNNVD-201902-610 //
NVD: CVE-2019-7391
SOURCES
| db: | VULHUB | id: | VHN-158826 |
| db: | JVNDB | id: | JVNDB-2019-002915 |
| db: | CNNVD | id: | CNNVD-201902-610 |
| db: | NVD | id: | CVE-2019-7391 |
LAST UPDATE DATE
2024-11-23T23:01:52.367000+00:00
SOURCES UPDATE DATE
| db: | VULHUB | id: | VHN-158826 | date: | 2019-03-29T00:00:00 |
| db: | JVNDB | id: | JVNDB-2019-002915 | date: | 2019-04-25T00:00:00 |
| db: | CNNVD | id: | CNNVD-201902-610 | date: | 2019-04-03T00:00:00 |
| db: | NVD | id: | CVE-2019-7391 | date: | 2024-11-21T04:48:07.993 |
SOURCES RELEASE DATE
| db: | VULHUB | id: | VHN-158826 | date: | 2019-03-21T00:00:00 |
| db: | JVNDB | id: | JVNDB-2019-002915 | date: | 2019-04-25T00:00:00 |
| db: | CNNVD | id: | CNNVD-201902-610 | date: | 2019-02-06T00:00:00 |
| db: | NVD | id: | CVE-2019-7391 | date: | 2019-03-21T16:01:12.470 |