CVE-2014-9027

MEDIUM(6.8)

AV:N/AC:M/Au:N/C:P/I:P/A:P

Risk Signal Score17/100 — NIEDRIG

CVSS 6.8 — Mittel

EPSS-Score

Exploit-Wahrscheinlichkeit (30 Tage)

CVSS Score

6.8

Technische Schwere

Beschreibung

Multiple cross-site request forgery (CSRF) vulnerabilities in ZTE ZXDSL 831CII allow remote attackers to hijack the authentication of administrators for requests that disable modem lan ports via the (1) enblftp, (2) enblhttp, (3) enblsnmp, (4) enbltelnet, (5) enbltftp, (6) enblicmp, or (7) enblssh parameter to accesslocal.cmd.

Referenzen

http://packetstormsecurity.com/files/129041
https://exchange.xforce.ibmcloud.com/vulnerabilities/98590
http://packetstormsecurity.com/files/129041
https://exchange.xforce.ibmcloud.com/vulnerabilities/98590