First published: Fri Apr 01 2016(Updated: )
Cross-site request forgery (CSRF) vulnerability on NEC Aterm WG300HP devices allows remote attackers to hijack the authentication of arbitrary users.
Credit: vultures@jpcert.or.jp
Affected Software | Affected Version | How to fix |
---|---|---|
NEC Aterm WG300HP | ||
Aterm WG300HP firmware | <=1.0.8 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2016-1167 is considered critical due to its impact on user authentication hijacking.
To fix CVE-2016-1167, users should upgrade their firmware to a version beyond 1.0.8.
CVE-2016-1167 affects NEC Aterm WG300HP devices running firmware version 1.0.8 or earlier.
CVE-2016-1167 is a cross-site request forgery (CSRF) vulnerability that can allow remote attacks.
Yes, CVE-2016-1167 can be exploited remotely, allowing attackers to hijack user authentication.