CVE-2024-2559 | Tenda AC18 15.03.05.05 /goform/SysToolReboot fromSysToolReboot cross-site request forgery

Posted by Angelo Barbosa | Mar 16, 2024 | CVE

A vulnerability classified as problematic has been found in Tenda AC18 15.03.05.05. Affected is the function fromSysToolReboot of the file /goform/SysToolReboot. The manipulation leads to cross-site request forgery.

This vulnerability is traded as CVE-2024-2559. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-2559 | Tenda AC18 15.03.05.05 /goform/SysToolReboot fromSysToolReboot cross-site request forgery

Related Posts

CVE-2024-35698 | YITH WooCommerce Tab Manager Plugin up to 1.35.0 on WordPress cross site scripting

CVE-2021-47004 | Linux Kernel up to 5.10.37/5.11.21/5.12.4 f2fs get_victim allocation of resources

CVE-2024-45107 | Adobe Acrobat Reader prior 20.005.30655/24.001.30159/24.002.21005 use after free (apsb24-57)

CVE-2024-28446 | Shenzhen Libituo Technology LBT-T300-mini1 1.2.9 /apply.cgi lan_netmask buffer overflow