Security Advisory

CVE-2013-0126

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2013-03-21 20:00:00

Last updated 2024-09-17 03:07:46

Assigner certcc

State PUBLISHED

Description

Multiple cross-site request forgery (CSRF) vulnerabilities in index.cgi on the Verizon FIOS Actiontec MI424WR-GEN3I router with firmware 40.19.36 allow remote attackers to hijack the authentication of administrators for requests that (1) add administrative accounts via the username and user_level parameters or (2) enable remote administration via the is_telnet_primary and is_telnet_secondary parameters.

← Browse all CVEs View on cve.org ↗