CVE-2024-45372

CVE-2024-45372

Vendor Planex Communications Inc.
Product MZK-DP300N
Weakness CWE-352 · CSRF
Published September 26, 2024
Last update March 25, 2025

CVSS base score

What the vulnerability does

01Description

MZK-DP300N firmware versions 1.04 and earlier contains a cross-site request forger vulnerability. Viewing a malicious page while logging in to the web management page of the affected product may lead the user to perform unintended operations such as changing the login password, etc.

Key dates

02Disclosure timeline

September 26, 2024 CVE published
March 25, 2025 Record updated

Related vulnerabilities

04Related CVE