ГлавнаяУязвимости → CVE-2024-40119
8.8высокая

CVE-2024-40119

Описание

Nepstech Wifi Router xpon (terminal) model NTPL-Xpon1GFEVN v.1.0 Firmware V2.0.1 contains a Cross-Site Request Forgery (CSRF) vulnerability in the password change function, which allows remote attackers to change the admin password without the user's consent, leading to a potential account takeover.

CVSS
Балл8.8 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Источники
https://github.com/sudo-subho/nepstech-xpon-router-CVE-2024-40119https://github.com/sudo-subho/nepstech-xpon-router-CVE-2024-40119