CVE-2024-5786 | THREATINT

Description

Cross-Site Request Forgery vulnerability in Comtrend router WLD71-T1_v2.0.201820, affecting the GRG-4280us version. This vulnerability allows an attacker to force an end user to execute unwanted actions in a web application to which he is authenticated.

PUBLISHED Reserved 2024-06-10 | Published 2024-06-10 | Updated 2024-08-01 | Assigner INCIBE

MEDIUM: 6.5CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Problem types

CWE-352 Cross-Site Request Forgery (CSRF)

Product status

Default status

unaffected

GRG-4280us (hardware)

affected

Credits

Gabriel Gonzalez García finder

References

www.incibe.es/...so/multiple-vulnerabilities-comtrend-router

cve.org (CVE-2024-5786)

nvd.nist.gov (CVE-2024-5786)

Download JSON

help @ threatint.eu