CVE-2024-24777

Published Oct 30, 2024

Last updated 9 days ago

CVSS high 8.8

Overview

Description
A cross-site request forgery (CSRF) vulnerability exists in the Web Application functionality of the LevelOne WBR-6012 R0.40e6. A specially crafted HTTP request can lead to unauthorized access. An attacker can stage a malicious web page to trigger this vulnerability.
Source
talos-cna@cisco.com
NVD status
Analyzed

Risk scores

CVSS 3.1

Type
Primary
Base score
8.8
Impact score
5.9
Exploitability score
2.8
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Severity
HIGH

Weaknesses

talos-cna@cisco.com
CWE-352

Social media

Hype score
Not currently trending

  1. CVE-2024-24777 A cross-site request forgery (CSRF) vulnerability exists in the Web Application functionality of the LevelOne WBR-6012 R0.40e6. A specially crafted HTTP request can lead to unauthorized access. An a... https://t.co/Zw6tR0BmtO

    @VulmonFeeds

    30 Oct 2024

    2 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. CVE-2024-24777 A cross-site request forgery (CSRF) vulnerability exists in the Web Application functionality of the LevelOne WBR-6012 R0.40e6. A specially crafted HTTP request can l… https://t.co/pQqcE7uDo8

    @CVEnew

    30 Oct 2024

    298 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. [CVE-2024-24777: HIGH] Beware of cross-site request forgery (CSRF) in LevelOne WBR-6012 R0.40e6 web app, enabling unauthorized access through crafted HTTP requests by malicious web pages. #cybersecurity#cybersecurity,#vulnerability https://t.co/KGfDF6wq7a https://t.co/ztnjIdnR3K

    @CveFindCom

    30 Oct 2024

    24 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations

References