Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site request forgery (CSRF) vulnerabilities in the web interface on the Cisco Scientific Atlanta WebSTAR DPC2100R2 cable modem with firmware 2.0.2r1256-060303 allow remote attackers to hijack the authentication of administrators for requests that (1) reset the modem, (2) erase the firmware, (3) change the administrative password, (4) install modified firmware, or (5) change the access level, as demonstrated by a request to goform/_aslvl.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Cisco Scientific Atlanta WebSTAR DPC2100R2调试解调器跨站请求伪造漏洞
Vulnerability Description
Cisco DPC2100是一款小型的有线调制解调器。 Cisco Scientific Atlanta WebSTAR DPC2100R2 电缆调制解调器中 firmware的web接口存在多个跨站请求伪造漏洞,远程攻击者可以通过劫持官员员认证,发起多个伪造请求:(1) 重置解调器, (2) 关闭firmware, (3) 修改管理员口令, (4) 安装修改的firmware, 或(5) 变更访问级别,该漏洞已经通过向goform/_aslvl发送请求得到证明。
CVSS Information
N/A
Vulnerability Type
N/A