CVE-2015-2905

Cross-site request forgery (CSRF) vulnerability on Actiontec GT784WN modems with firmware before NCS01-1.0.13 allows remote attackers to hijack the authentication or intranet connectivity of arbitrary users.
References
Link Resource
http://www.kb.cert.org/vuls/id/335192 Third Party Advisory US Government Resource
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:actiontec:_ncs01_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:actiontec:gt784wn_wireless_n_dsl_modem:-:*:*:*:*:*:*:*

Information

Published : 2015-08-23 14:59

Updated : 2015-08-24 10:09


NVD link : CVE-2015-2905

Mitre link : CVE-2015-2905


JSON object : View

CWE
CWE-352

Cross-Site Request Forgery (CSRF)

Advertisement

dedicated server usa

Products Affected

actiontec

  • gt784wn_wireless_n_dsl_modem
  • _ncs01_firmware