CVE-2018-5720
Last modified
CVE-2018-5720 is a vulnerability of currently unknown severity. An issue was discovered on DODOCOOL DC38 3-in-1 N300 Mini Wireless Range Extend RTN2-AW.GD.R3465.1.20161103 devices. A Cross-site request forgery (CSRF) vulnerability allows remote attackers to hijack the authentication of users for requests that modify all the settings. EPSS estimates a 2.76% chance of exploitation in the next 30 days.
Description
An issue was discovered on DODOCOOL DC38 3-in-1 N300 Mini Wireless Range Extend RTN2-AW.GD.R3465.1.20161103 devices. A Cross-site request forgery (CSRF) vulnerability allows remote attackers to hijack the authentication of users for requests that modify all the settings. This vulnerability can lead to changing an existing user's username and password, changing the Wi-Fi password, etc.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Dodocool | Dc38 Firmware | rtn2-aw.gd.r3465.1.20161103 |
References
- https://www.exploit-db.com/exploits/43898/Exploit, Third Party Advisory, VDB Entry
- https://www.exploit-db.com/exploits/43898/Exploit, Third Party Advisory, VDB Entry
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2018-5720?
How severe is CVE-2018-5720?
How do I fix CVE-2018-5720?
Are you affected by CVE-2018-5720?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST