JVN#33021167: Pocket WiFi (GP02) vulnerable to cross-site request forgery

2012-02-01T00:00:00
ID JVN:33021167
Type jvn
Reporter Japan Vulnerability Notes
Modified 2012-02-01T00:00:00

Description

## Description

Pocket WiFi (GP02) provided by eAccess Ltd. is a mobile wireless LAN router. Pocket WiFi (GP02) contains a cross-site request forgery vulnerability.

## Impact

If a user views a malicious page while logged in, settings of Pocket WiFi (GP02) may be initialized, or Pocket WiFi (GP02) may be rebooted.

## Solution

Update the Software
Update to the latest version of the firmware provided by the developer.

## Products Affected

  • Pocket WiFi (GP02) firmware version 11.203.11.05.168 and earlier