CSRF in Trendnet Tew-812dru

CVE-2013-3098

Multiple cross-site request forgery (CSRF) vulnerabilities in TRENDnet TEW-812DRU router with firmware before 1.0.9.0 allow remote attackers to hijack the authentication of administrators for requests that (1) change admin credentials in a…

Vulnerability class: CSRF (Cross-Site Request Forgery)

EPSS: 0.003 (57.6th percentile) — read the EPSS interpretation.

Affected products

Trendnet Tew-812dru
Trendnet Tew-812dru_firmware — versions 1.0.8.0
N/a — versions n/a

Weakness classification (CWE)

CWE-352 — Cross-Site Request Forgery (CSRF)

References

95803 (x_refsource_OSVDB, vdb-entry)
cve@mitre.org (Exploit, x_refsource_MISC)
cve@mitre.org (Exploit, x_refsource_MISC)
54310 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
cve@mitre.org (Exploit, x_refsource_MISC)