CVE-2024-24777 HIGH

CVE-2024-24777

Vendor Levelone
Product WBR-6012
Weakness CWE-352 · CSRF
Published October 30, 2024
Last update October 30, 2024

CVSS base score

8.8/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction Required
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

A cross-site request forgery (CSRF) vulnerability exists in the Web Application functionality of the LevelOne WBR-6012 R0.40e6. A specially crafted HTTP request can lead to unauthorized access. An attacker can stage a malicious web page to trigger this vulnerability.

Key dates

02Disclosure timeline

October 30, 2024 CVE published
October 30, 2024 Record updated