CVE-2013-2752

Cross-site request forgery (CSRF) vulnerability in frontview/lib/np_handler.pl in NETGEAR ReadyNAS RAIDiator before 4.1.12 and 4.2.x before 4.2.24 allows remote attackers to hijack the authentication of users.
CSRF
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 40%
VendorProductVersion
netgearraidiator
4.1 ≤
𝑥
< 4.1.12
netgearraidiator
4.2 ≤
𝑥
< 4.2.24
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.osvdb.org/98825
http://www.readynas.com/?p=7002
http://www.tripwire.com/register/security-advisory-netgear-readynas/
http://www.tripwire.com/state-of-security/vulnerability-management/readynas-flaw-allows-root-access-unauthenticated-http-request/
http://www.osvdb.org/98825
http://www.readynas.com/?p=7002
http://www.tripwire.com/register/security-advisory-netgear-readynas/
http://www.tripwire.com/state-of-security/vulnerability-management/readynas-flaw-allows-root-access-unauthenticated-http-request/