CVE-2013-3068: CSRF
First published: Mon Sep 29 2014(Updated: )
Cross-site request forgery (CSRF) vulnerability in apply.cgi in Linksys WRT310Nv2 2.0.0.1 allows remote attackers to hijack the authentication of administrators for requests that change passwords and modify remote management ports.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Linksys WRT310N Router Firmware | =2.0.0.1 | |
| Linksys WRT350N | =2.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2013-3068?
CVE-2013-3068 has been categorized as a moderate severity vulnerability due to its potential impact on the security of administrator sessions.
How can I fix CVE-2013-3068?
To mitigate CVE-2013-3068, update the firmware of Linksys WRT310Nv2 and WRT350N routers to the latest stable version available.
What types of attacks are possible with CVE-2013-3068?
CVE-2013-3068 allows remote attackers to perform cross-site request forgery attacks, potentially hijacking administrator sessions.
Which devices are affected by CVE-2013-3068?
CVE-2013-3068 specifically affects Linksys WRT310Nv2 firmware version 2.0.0.1 and Linksys WRT350N firmware version 2.0.
What does CVE-2013-3068 exploit?
CVE-2013-3068 exploits the lack of proper CSRF protection in the apply.cgi component of the affected routers.
- agent/type
- agent/references
- agent/last-modified-date
- agent/first-publish-date
- agent/severity
- agent/weakness
- agent/author
- agent/softwarecombine
- agent/tags
- agent/description
- agent/event
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/cisco linksys wrt310n router firmware
- version/cisco linksys wrt310n router firmware/2.0.0.1
- canonical/linksys wrt350n
- version/linksys wrt350n/2.0