14 Aoû 2019
Vulnérabilité CVE-2019-14526 CVE Vulnerability
An issue was discovered on NETGEAR Nighthawk M1 (MR1100) devices before 12.06.03. The web-interface Cross-Site Request Forgery token is stored in a dynamically generated JavaScript file, and therefore can be embedded in third party pages, and re-used against the Nighthawk web interface. This entirely bypasses the intended security benefits of the use of a CSRF-protection token. (CVSS:0.0) (Last Update:2019-08-14)
Vulnerability Details : An issue was discovered on NETGEAR Nighthawk M1 (MR1100) devices before 12.06.03. The web-interface Cross-Site Request Forgery token is stored in a dynamically generated JavaScript file, and therefore can be embedded in third party pages, and re-used against the Nighthawk web interface. This entirely bypasses the intended security benefits of the use of a CSRF-protection token. Publish Date : 2019-08-14 Last Update Date : 2019-08-14 - CVSS Scores & Vulnerability Types
- Products Affected By CVE-2019-14526
- References For CVE-2019-14526
| ||||||||||||||||||||||||||||||||||||||||||||||
- Metasploit Modules Related To CVE-2019-14526There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information) |