The cross-site request forgery token in the request may be predictable or easily guessable allowing attackers to craft a malicious request, which could be triggered by a victim unknowingly. In a successful CSRF attack, the attacker could lead the victim user to carry out an action unintentionally.
CPE | Name | Operator | Version |
---|---|---|---|
l206-f2g_firmware | eq | 4.24 |