CVE-2017-11646

NetComm Wireless 4GT101W routers with Hardware: 0.01 / Software: V1.1.8.8 / Bootloader: 1.1.3 are vulnerable to CSRF attacks, as demonstrated by using administration.html to disable the firewall. They does not contain any token that can mitigate CSRF vulnerabilities within the device.
CSRF
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.8 HIGH
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 34%
VendorProductVersion
netcomm4gt101w_software
1.1.8.8
netcomm4gt101w_bootloader
1.1.3
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://iscouncil.blogspot.com/2017/07/cross-site-request-forgery.html
https://iscouncil.blogspot.com/2017/07/cross-site-request-forgery.html