Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross site request forgery (CSRF) vulnerability in KeeneticOS before 4.3 at "/rci" API endpoint allows attackers to take over the device via adding additional users with full permissions by managing the victim to open page with exploit.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
KeeneticOS 安全漏洞
Vulnerability Description
KeeneticOS是德国Keenetic公司的一款操作系统。 KeeneticOS 4.3之前版本存在安全漏洞,该漏洞源于/rci API端点存在跨站请求伪造,可能导致攻击者通过添加具有完全权限的额外用户来接管设备。
CVSS Information
N/A
Vulnerability Type
N/A