Cross-site request forgery (CSRF) vulnerability in ELECOM NCC-EWF100RMWH2 allows remote attackers to hijack the authentication of administrators and execute an arbitrary request via unspecified vector. As a result, the device settings may be altered and/or telnet daemon may be started.
[
{
"product": "NCC-EWF100RMWH2",
"vendor": "ELECOM CO.,LTD.",
"versions": [
{
"status": "affected",
"version": "NCC-EWF100RMWH2"
}
]
}
]