CSRF Vulnerability in NETGEAR JNR1010 Devices

CSRF Vulnerability in NETGEAR JNR1010 Devices

CVE-2016-11015 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

NETGEAR JNR1010 devices before 1.0.0.32 allow cgi-bin/webproc CSRF via the :InternetGatewayDevice.X_TWSZ-COM_URL_Filter.BlackList.1.URL parameter.

Learn more about our Web App Pen Testing.