Monthly
Cross-site request forgery (CSRF) in ELECOM wireless LAN access points (WAB-BE187-M, WAB-BE72-M, WAB-BE36-M, WAB-BE36-S) allows remote attackers to trick authenticated users into performing unintended administrative operations by viewing a malicious webpage. The vulnerability exists despite CSRF token implementation due to inadequate token validation, enabling integrity compromise of access point configuration without user knowledge.
Cross-site request forgery (CSRF) in ELECOM wireless LAN access points (WAB-BE187-M, WAB-BE72-M, WAB-BE36-M, WAB-BE36-S) allows remote attackers to trick authenticated users into performing unintended administrative operations by viewing a malicious webpage. The vulnerability exists despite CSRF token implementation due to inadequate token validation, enabling integrity compromise of access point configuration without user knowledge.