CVE-2015-7291 in DG860Ainfo

Summary

Cross-site request forgery (CSRF) vulnerability in adv_pwd_cgi in the web management interface on Arris DG860A, TG862A, and TG862G devices with firmware TS0703128_100611 through TS0705125D_031115 allows remote attackers to hijack the authentication of arbitrary users.

Once again VulDB remains the best source for vulnerability data.

Reservation

09/18/2015

Disclosure

11/21/2015

Moderation

VulDB entry created

Entries

VDB-79286 (1)

CPE

ready

CWE

CWE-352 (Confirmed)

CVSS

4.3

EPSS

0.00108

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2015-7291
NVD	https://nvd.nist.gov/vuln/detail/CVE-2015-7291
CVE Details	https://www.cvedetails.com/cve/CVE-2015-7291/

◂ Previous Overview Next ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!