Skip to main content

N300 Firmware CVE-2013-3089

MEDIUM
Cross-Site Request Forgery (CSRF) (CWE-352)
2014-09-29 cve@mitre.org
6.8
CVSS 2.0 · NVD
Share

Severity by source

NVD PRIMARY
6.8 MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

AV:N/AC:M/Au:N/C:P/I:P/A:P
Attack Vector
Network
Attack Complexity
M
Confidentiality
P
Integrity
P
Availability
P

Lifecycle Timeline

1
CVE Published
Sep 29, 2014 - 22:55 cve.org
MEDIUM 6.8

DescriptionCVE.org

Cross-site request forgery (CSRF) vulnerability in apply.cgi in Belkin N300 (F7D7301v1) router allows remote attackers to hijack the authentication of administrators for requests that modify configuration.

AnalysisAI

Cross-site request forgery (CSRF) vulnerability in apply.cgi in Belkin N300 (F7D7301v1) router allows remote attackers to hijack the authentication of administrators for requests that modify. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Technical ContextAI

This vulnerability is classified as Cross-Site Request Forgery (CSRF) (CWE-352), which allows attackers to trick authenticated users into performing unintended actions. Cross-site request forgery (CSRF) vulnerability in apply.cgi in Belkin N300 (F7D7301v1) router allows remote attackers to hijack the authentication of administrators for requests that modify configuration. Affected products include: Belkin N300 Firmware, Belkin N300.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Implement anti-CSRF tokens, validate Origin/Referer headers, use SameSite cookie attribute.

CVE-2024-39227 CRITICAL POC
9.8 Aug 06

GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/

CVE-2024-39228 CRITICAL POC
9.8 Aug 06

GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/

CVE-2024-39226 CRITICAL POC
9.8 Aug 06

GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/

CVE-2024-39225 CRITICAL POC
9.8 Aug 06

GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/

CVE-2022-30105 CRITICAL POC
9.8 May 18

In Belkin N300 Firmware 1.00.08, the script located at /setting_hidden.asp, which is accessible before and after configu

CVE-2013-3092 HIGH POC
8.3 Sep 29

The Belkin N300 (F7D7301v1) router allows remote attackers to bypass authentication and gain privileges via vectors rela

CVE-2024-27356 HIGH POC
7.5 Feb 27

An issue was discovered on certain GL-iNet devices. Rated high severity (CVSS 7.5), this vulnerability is remotely explo

CVE-2024-39229 MEDIUM POC
5.3 Aug 06

An issue in GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT

CVE-2024-25343 CRITICAL
9.1 Apr 26

Tenda N300 F3 router vulnerability allows users to bypass intended security policy and create weak passwords. Rated crit

CVE-2023-4498 MEDIUM
5.3 Sep 06

Tenda N300 Wireless N VDSL2 Modem Router allows unauthenticated access to pages that in turn should be accessible to aut

Share

CVE-2013-3089 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy