Cross site request forgery (csrf)

2018-09-1319:29:00

PRIOn knowledge base

www.prio-n.com

8.9 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

52.0%

JSON

Cross-site request forgery (CSRF) vulnerability on ASUS GT-AC5300 routers with firmware through 3.0.0.4.384_32738 allows remote attackers to hijack the authentication of administrators for requests that change the administrator password via a request to start_apply.htm.

CPENameOperatorVersion
gt-ac5300_firmwareeq<= 3.0.0.4.384-32738

CPE	Name	Operator	Version
	gt-ac5300_firmware	eq	<= 3.0.0.4.384-32738

References

github.com/PAGalaxyLab/VulInfo/blob/master/ASUS/csrf_bypass_referer/ASUS%20GT-AC5300%20csrf%20bypass%20referer.MD