CVE-2020-24373

A CSRF vulnerability in the UPnP MediaServer implementation in Freebox Server before 4.2.3.
References
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:free:freebox_revolution_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:free:freebox_revolution:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:free:freebox_mini_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:free:freebox_mini:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:free:freebox_one_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:free:freebox_one:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:free:freebox_delta_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:free:freebox_delta:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:free:freebox_pop_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:free:freebox_pop:-:*:*:*:*:*:*:*

Information

Published : 2020-09-16 13:15

Updated : 2022-11-16 06:12


NVD link : CVE-2020-24373

Mitre link : CVE-2020-24373


JSON object : View

CWE
CWE-352

Cross-Site Request Forgery (CSRF)

Advertisement

dedicated server usa

Products Affected

free

  • freebox_one
  • freebox_mini
  • freebox_delta_firmware
  • freebox_pop
  • freebox_revolution
  • freebox_pop_firmware
  • freebox_delta
  • freebox_revolution_firmware
  • freebox_mini_firmware
  • freebox_one_firmware