Lucene search

[email protected]NVD:CVE-2023-1205

HistoryMar 10, 2023 - 6:15 p.m.

CVE-2023-1205

2023-03-1018:15:16

CWE-352

[email protected]

web.nvd.nist.gov

netgear

nighthawk

wifi6

router

csrf

vulnerability

cross-site request forgery

v1.0.10.94

cve-2023-1205

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

8.7

Confidence

High

EPSS

0.001

Percentile

32.2%

JSON

NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 is vulnerable to cross-site request forgery attacks on all endpoints due to improperly implemented CSRF protections.

Affected configurations

Nvd

Node

netgearrax30Match-

AND

netgearrax30_firmwareRange<1.0.10.94

VendorProductVersionCPE
netgearrax30-cpe:2.3:h:netgear:rax30:-:*:*:*:*:*:*:*
netgearrax30_firmware*cpe:2.3:o:netgear:rax30_firmware:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
netgear	rax30	-	cpe:2.3:h:netgear:rax30:-:::::::*
netgear	rax30_firmware	*	cpe:2.3:o:netgear:rax30_firmware::::::::

References

tenable.com/security/research/tra-2023-9

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

8.7

Confidence

High

EPSS

0.001

Percentile

32.2%

JSON

Related for NVD:CVE-2023-1205

prion1 cve1 cvelist1