iBall WRD12EN 1.0.0 devices allow cross-site request... · CVE-2020-29292 · GitHub Advisory Database · GitHub

iBall WRD12EN 1.0.0 devices allow cross-site request...

Moderate severity Unreviewed Published Dec 31, 2021 to the GitHub Advisory Database • Updated Feb 3, 2023

Package

No package listed— Suggest a package

Affected versions

Unknown

Patched versions

Unknown

Description

iBall WRD12EN 1.0.0 devices allow cross-site request forgery (CSRF) attacks as demonstrated by enabling DNS settings or modifying the range for IP addresses.

References

Published by the National Vulnerability Database

Dec 30, 2021

Published to the GitHub Advisory Database Dec 31, 2021

Last updated Feb 3, 2023