CVE-2013-6976

Published: 19/12/2013 Updated: 15/09/2016

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

VMScore: 690

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Cross-site request forgery (CSRF) vulnerability in goform/Quick_setup on Cisco EPC3925 devices allows remote malicious users to hijack the authentication of administrators for requests that change a password via the Password and PasswordReEnter parameters, aka Bug ID CSCuh37496.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco epc3925 -

####################################################################### # Exploit Title: Cisco EPC3925 - Persistent Cross Site Scripting # Google Dork: N/A # Date: 12-11-2013 # Exploit Author: Jeroen - IT Nerdbox # Vendor Homepage: wwwciscocom # Software Link: Not public # Version: epc3925-E10-5-v302r125572-130520c # Tested ...

####################################################################### # Exploit Title: Cisco EPC3925 � Cross Site Request Forgery # Google Dork: N/A # Date: 12-11-2013 # Exploit Author: Jeroen - IT Nerdbox # Vendor Homepage: wwwciscocom # Software Link: Not public # Version: epc3925-E10-5-v302r125572-130520c # Tested on: Cisco EPC3925 ...

CWE-352 http://www.nerdbox.it/cisco-epc3925-csrf-vulnerability/http://www.exploit-db.com/exploits/30362/http://www.securityfocus.com/bid/64341 http://packetstormsecurity.com/files/124449/Cisco-EPC3925-Cross-Site-Request-Forgery.html http://osvdb.org/101097 https://nvd.nist.gov https://www.exploit-db.com/exploits/30415/

CVE-2013-6976

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect