Vulnerabilities > CVE-2020-16208 - Unspecified vulnerability in Redlion N-Tron 702-W Firmware and N-Tron 702M12-W Firmware
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
The affected product is vulnerable to cross-site request forgery, which may allow an attacker to modify different configurations of a device by luring an authenticated user to click on a crafted link on the N-Tron 702-W / 702M12-W (all versions).
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 2 | |
| Hardware | 2 |
References
- http://packetstormsecurity.com/files/159064/Red-Lion-N-Tron-702-W-702M12-W-2.0.26-XSS-CSRF-Shell.html
- http://packetstormsecurity.com/files/159064/Red-Lion-N-Tron-702-W-702M12-W-2.0.26-XSS-CSRF-Shell.html
- http://seclists.org/fulldisclosure/2020/Sep/6
- http://seclists.org/fulldisclosure/2020/Sep/6
- https://us-cert.cisa.gov/ics/advisories/icsa-20-240-01
- https://us-cert.cisa.gov/ics/advisories/icsa-20-240-01