CVE-2014-4716: CSRF
First published: Thu Jul 03 2014(Updated: )
Cross-site request forgery (CSRF) vulnerability in Thomson TWG87OUIR allows remote attackers to hijack the authentication of unspecified victims for requests that change passwords via the Password and PasswordReEnter parameters to goform/RgSecurity.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Thomson TWG87OUIR |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2014-4716?
CVE-2014-4716 has a medium severity rating due to its potential for cross-site request forgery attacks that could compromise user authentication.
How do I fix CVE-2014-4716?
To mitigate CVE-2014-4716, it is recommended to update the firmware of the Thomson TWG87OUIR device to a version that includes security patches.
What type of vulnerability is CVE-2014-4716?
CVE-2014-4716 is classified as a cross-site request forgery (CSRF) vulnerability.
Who is affected by CVE-2014-4716?
CVE-2014-4716 primarily affects users of the Thomson TWG87OUIR router.
What can attackers do exploiting CVE-2014-4716?
Exploitation of CVE-2014-4716 enables attackers to hijack user sessions and change passwords without the user's consent.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/author
- agent/severity
- agent/last-modified-date
- agent/weakness
- agent/tags
- agent/event
- agent/description
- agent/source
- vendor/thomson
- canonical/thomson twg87ouir