NVD

Id
41874  
Name
CVE-2013-7043  
Description
Multiple cross-site request forgery (CSRF) vulnerabilities on Cisco Scientific Atlanta DPR2320R2 routers with software 2.0.2r1262-090417 allow remote attackers to hijack the authentication of administrators for requests that (1) change a password via the Password parameter to goform/RgSecurity; (2) reboot the device via the Restart parameter to goform/restart; (3) modify Wi-Fi settings, as demonstrated by the WpaPreSharedKey parameter to goform/wlanSecurity; or (4) modify parental controls via the ParentalPassword parameter to goform/RgParentalBasic.  
Reject
 
CVSS Version
2  
CVSS Score
8.3  
Severity
High  
CVSS Base Score
8.3  
CVSS Impact Subscore
8.5  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:P/I:P/A:C)  
Pub Date
2017-01-18  
Published
2013-12-10  
Modified Date
2016-11-01  
Seq
2013-7043  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
211449 41874 CVE-2013-7043 29927  View
211450 41874 CVE-2013-7043 cisco-scientific-cve20137043-csrf(89654)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
23933 JVNDB-2013-005508 Cisco Scientific Atlanta DPR2320 ルータのソフトウェアにおけるクロスサイトリクエストフォージェリの脆弱性 Cisco Scientific Atlanta DPR2320 ルータのソフトウェアには、クロスサイトリクエストフォージェリの脆弱性が存在します。 CVE-2013-7043 66985 CVE-2013-7043 41874 8.3 http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-005508.html 2013-11-30 2013-12-16 View