CVE Published: 26/09/2024 |
CVE Updated: 26/09/2024 |
CVE Year: 2024 Source: jpcert |
Vendor: PLANEX COMMUNICATIONS INC. |
Product: MZK-DP300N Status : PUBLISHED
CVE-2024-45372 Description
MZK-DP300N firmware versions 1.04 and earlier contains a cross-site request forger vulnerability. Viewing a malicious page while logging in to the web management page of the affected product may lead the user to perform unintended operations such as changing the login password, etc.