CVE-2019-19516: CSRF
First published: Mon Dec 02 2019(Updated: )
Intelbras WRN 150 1.0.18 devices allow CSRF via GO=system_password.asp to the goform/SysToolChangePwd URI to change a password.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Intelbras Wrn 150 Firmware | =1.0.18 | |
| Intelbras WRN 150 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this Intelbras WRN 150 device vulnerability?
The vulnerability ID is CVE-2019-19516.
What is the severity level of CVE-2019-19516?
The severity level of CVE-2019-19516 is medium with a CVSS score of 6.5.
How can an attacker exploit CVE-2019-19516?
An attacker can exploit CVE-2019-19516 by performing a Cross-Site Request Forgery attack via the goform/SysToolChangePwd URI.
What is the affected software version of Intelbras WRN 150 devices?
The affected software version is 1.0.18.
Are there any references available for CVE-2019-19516?
Yes, you can find more information about CVE-2019-19516 at the following references: [Packet Storm Security](http://packetstormsecurity.com/files/155557/Intelbras-Router-RF1200-1.1.3-Cross-Site-Request-Forgery.html) and [Exploit-DB](https://www.exploit-db.com/exploits/47545).
- collector/nvd-index
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/last-modified-date
- agent/severity
- agent/weakness
- agent/tags
- agent/event
- agent/description
- agent/first-publish-date
- agent/source
- vendor/intelbras
- canonical/intelbras wrn 150 firmware
- version/intelbras wrn 150 firmware/1.0.18
- canonical/intelbras wrn 150