Lucene search
HistoryJul 08, 2024 - 4:15 p.m.
CVE-2023-47677
cve-2023-47677
cross-site request forgery
realtek
http request
security vulnerability
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
24.5%
A cross-site request forgery (csrf) vulnerability exists in the boa CSRF protection functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted network request can lead to CSRF. An attacker can send an HTTP request to trigger this vulnerability.
Affected configurations
Node
realtekrtl819x_jungle_software_development_kitMatch3.4.11
Node
level1wbr-6013_firmwareMatchrer4_a_v3411b_2t2r_lev_09_170623
level1wbr-6013Match-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| realtek | rtl819x_jungle_software_development_kit | 3.4.11 | cpe:2.3:a:realtek:rtl819x_jungle_software_development_kit:3.4.11:*:*:*:*:*:*:* |
| level1 | wbr-6013_firmware | rer4_a_v3411b_2t2r_lev_09_170623 | cpe:2.3:o:level1:wbr-6013_firmware:rer4_a_v3411b_2t2r_lev_09_170623:*:*:*:*:*:*:* |
| level1 | wbr-6013 | - | cpe:2.3:h:level1:wbr-6013:-:*:*:*:*:*:*:* |
Related
vulnrichment
vulnrichment
CVE-2023-47677
2024-07-08 15:25:39
talos
talos
cve
cve
CVE-2023-47677
2024-07-08 16:15:04
cvelist
cvelist
CVE-2023-47677
2024-07-08 15:25:39
talosblog
talosblog
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
24.5%
Related for NVD:CVE-2023-47677