CVE-2021-31152 — HIGH (8.8)

Vulnerability Description

Multilaser Router AC1200 V02.03.01.45_pt contains a cross-site request forgery (CSRF) vulnerability. An attacker can enable remote access, change passwords, and perform other actions through misconfigured requests, entries, and headers.

CVSS Score

8.8

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Multilaser	Ac1200 Re018 Firmware	v02.03.01.45_pt
Multilaser	Ac1200 Re018	-

Related Weaknesses (CWE)

CWE-352

References

http://packetstormsecurity.com/files/162258/Multilaser-Router-RE018-AC1200-CrossExploitThird Party AdvisoryVDB Entry
http://seclists.org/fulldisclosure/2024/Mar/1
https://www.youtube.com/watch?v=zN3DVrcu6EgExploitThird Party Advisory
http://packetstormsecurity.com/files/162258/Multilaser-Router-RE018-AC1200-CrossExploitThird Party AdvisoryVDB Entry
http://seclists.org/fulldisclosure/2024/Mar/1
https://www.youtube.com/watch?v=zN3DVrcu6EgExploitThird Party Advisory

FAQ

What is CVE-2021-31152?

CVE-2021-31152 is a vulnerability with a CVSS score of 8.8 (HIGH). Multilaser Router AC1200 V02.03.01.45_pt contains a cross-site request forgery (CSRF) vulnerability. An attacker can enable remote access, change passwords, and perform other actions through misconfig...

How severe is CVE-2021-31152?

CVE-2021-31152 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2021-31152?

Check the references section above for vendor advisories and patch information. Affected products include: Multilaser Ac1200 Re018 Firmware, Multilaser Ac1200 Re018.