Skip to content
Permalink
Branch: master
Find file Copy path
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
22 lines (13 sloc) 1006 Bytes

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19613

[Affected Devices]

Westermo DR-260 Router - All firmware versions

Westermo DR-250 Router - All firmware versions

Westermo MR-260 Router - All firmware versions

[Description]

The aforementioned router models are known to be vulnerable to Cross-Site Request Forgery.

This would allow an attacker to cause authenticated users to perform unintended interactions with the application, provided that they visit a malicious third-party resource. Should this occur, various configurations could be modified; potentially expanding the attack vectors of the device.

Working alongside the router vendor, it was established that this vulnerability affects all of the specified router models, regardless of firmware version. Since this product is considered to be EOL, no patches for this issue are expected.

[Credit]

For assistance in identifying this issue, credit should also be given to:

Nettitude - https://www.nettitude.com/uk/

You can’t perform that action at this time.