CVE-2018-25151

Ecessa WANWorx WVR-30 versions before 10.7.4 contain a cross-site request forgery vulnerability that allows attackers to perform administrative actions without request validation. Attackers can craft a malicious web page with a hidden form to create a new superuser account by tricking an...

CVE-2018-25151

The CVE-2018-25151 issue affects Ecessa WANWorx WVR-30

CVE-2018-25151 Ecessa WANWorx WVR-30 < 10.7.4 Cross-Site Request Forgery via User Configuration

Ecessa WANWorx WVR-30 versions before 10.7.4 contain a cross-site request forgery vulnerability that allows attackers to perform administrative actions without request validation. Attackers can craft a malicious web page with a hidden form to create a new superuser account by tricking an...

CVE-2018-25151 Ecessa WANWorx WVR-30 < 10.7.4 Cross-Site Request Forgery via User Configuration

Ecessa WANWorx WVR-30 versions before 10.7.4 contain a cross-site request forgery vulnerability that allows attackers to perform administrative actions without request validation. Attackers can craft a malicious web page with a hidden form to create a new superuser account by tricking an...

Ecessa WANWorx WVR-30 跨站请求伪造漏洞

The Ecessa WANWorx WVR-30 is a software-defined WAN appliance from Ecessa Corporation, USA. A cross-site request forgery vulnerability exists in the Ecessa WANWorx WVR-30 versions prior to 10.7.4, which stems from susceptibility to a cross-site request forgery attack that could lead to the...

PT-2025-53371

Ecessa WANWorx WVR-30 versions before 10.7.4 contain a cross-site request forgery vulnerability that allows attackers to perform administrative actions without request validation. Attackers can craft a malicious web page with a hidden form to create a new superuser account by tricking an...

Ecessa WANWorx WVR-30 < 10.7.4 - Cross-Site Request Forgery (Add Superuser) Vulnerability

Exploit for hardware platform in category web applications Exploit title: Ecessa WANWorx WVR-30 input type="hidden" name="userusername1" value=...

Ecessa WANWorx WVR-30 &lt; 10.7.4 - Cross-Site Request Forgery (Add Superuser)

Exploit title: Ecessa WANWorx WVR-30 input type="hidden" nam...

Ecessa WANWorx WVR-30 10.7.4 Add Superuser Cross Site Request Forgery

form action="https://127.0.0.1/cgi-bin/plweb.cgi/utilconfiglogi...

Ecessa WANWorx WVR-30 10.7.4 - Cross-Site Request Forgery (Add Superuser)

Ecessa WANWorx WVR-30 10.7.4 - Cross-Site Request Forgery Add Superuser Exploit title: Ecessa WANWorx WVR-30 input type="hidden" name="userusername...

Ecessa WANWorx WVR-30 10.7.4 CSRF Add Superuser Exploit

Summary Ecessa's WANworX SD-WAN solutions increase network performance and reliability by leveraging any connection. That can be premium priced MPLS, lower cost broadband, or cellular 4G or LTE. Many of today's WAN deployments are based on older technology that was acceptable when businesses did...