CVE-2019-25250

Devolo dLAN 500 AV Wireless+ 3.1.0-1 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without proper request validation. Attackers can craft malicious web pages that trigger unauthorized configuration changes by exploiting predictable URL...

CVE-2019-25250

The CVE covers Devolo dLAN 500 AV Wireless+ (firmware 3.1.0-1) with a cross-site request forgery flaw that allows triggering administrative actions via malicious pages when a logged-in user visits. Root cause stated across sources is lack of proper request validation enabling CSRF to trigger unau...

CVE-2019-25250 Devolo dLAN 500 AV Wireless+ 3.1.0-1 Cross-Site Request Forgery

Devolo dLAN 500 AV Wireless+ 3.1.0-1 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without proper request validation. Attackers can craft malicious web pages that trigger unauthorized configuration changes by exploiting predictable URL...

Devolo dLAN 500 AV Wireless+ 安全漏洞

The Devolo dLAN 500 AV Wireless+ is a powerline communication adapter from Devolo, Germany. A security vulnerability exists in the Devolo dLAN 500 AV Wireless+ version 3.1.0-1, which stems from an authentication bypass that could result in enabling hidden services and gaining root privileges...

PT-2025-53336

Name of the Vulnerable Software and Affected Versions Devolo dLAN 500 AV Wireless+ version 3.1.0-1 Description The software contains a cross-site request forgery issue that enables attackers to perform administrative actions without proper request validation. Attackers can create malicious web...

Devolo dLAN 500 AV Wireless+ 安全漏洞

Devolo dLAN 500 AV Wireless+ is a powerline communication adapter from Devolo, Germany. A security vulnerability exists in the Devolo dLAN 500 AV Wireless+ version 3.1.0-1 that stems from a lack of proper request validation and could lead to a cross-site request forgery attack...