説明
The CSRF protection mechanism implemented in the web administration panel on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices could be bypassed by omitting the CSRF token parameter in HTTP requests.
AI分析AIによる分析
影響を受ける製品
netgeargs116e_firmware
2.6.0.43
netgeargs116e
v2
netgearjgs516pe_firmware
2.6.0.43
netgearjgs516pe
-
参照
- https://research.nccgroup.com/2021/03/08/technical-advisory-multiple-vulnerabilities-in-netgear-prosafe-plus-jgs516pe-gs116ev2-switches/Vendor Advisory
- https://research.nccgroup.com/2021/03/08/technical-advisory-multiple-vulnerabilities-in-netgear-prosafe-plus-jgs516pe-gs116ev2-switches/Vendor Advisory