Lucene search

[email protected]CVE-2021-32402

HistoryMay 17, 2021 - 1:15 p.m.

CVE-2021-32402

2021-05-1713:15:07

CWE-352

[email protected]

web.nvd.nist.gov

cve-2021-32402

intelbras

router

rf 301k

firmware

csrf

cross site request forgery

validation

insecure configurations

nvd

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

8.7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

43.4%

JSON

Intelbras Router RF 301K Firmware 1.1.2 is vulnerable to Cross Site Request Forgery (CSRF) due to lack of validation and insecure configurations in inputs and modules.

Affected configurations

NVD

Node

intelbrasrf_301k_firmwareMatch1.1.2

AND

intelbrasrf_301kMatch-

CPENameOperatorVersion
intelbras:rf_301k_firmwareintelbras rf 301k firmwareeq1.1.2

CPE	Name	Operator	Version
intelbras:rf_301k_firmware	intelbras rf 301k firmware	eq	1.1.2

References

www.youtube.com/watch?v=X2cU9MBN2Ys

Social References

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

8.7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

43.4%

JSON

Related for CVE-2021-32402

prion1 cvelist1 nvd1