MZK-DP300N firmware versions 1.04 and earlier contains a cross-site request forger vulnerability. Viewing a malicious page while logging in to the web management page of the affected product may lead the user to perform unintended operations such as changing the login password, etc.
This Cyber News was published on www.tenable.com. Publication date: Thu, 26 Sep 2024 09:11:02 +0000