CSRF Vulnerability in Cisco EPC3925 Devices: Password Hijacking via goform/Quick_setup (Bug ID CSCuh37496)

CSRF Vulnerability in Cisco EPC3925 Devices: Password Hijacking via goform/Quick_setup (Bug ID CSCuh37496)

CVE-2013-6976 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Cross-site request forgery (CSRF) vulnerability in goform/Quick_setup on Cisco EPC3925 devices allows remote attackers to hijack the authentication of administrators for requests that change a password via the Password and PasswordReEnter parameters, aka Bug ID CSCuh37496.

Learn more about our Cis Benchmark Audit For Cisco.