CVE-2023-47677

Summary

A cross-site request forgery (csrf) vulnerability exists in the boa CSRF protection functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted network request can lead to CSRF. An attacker can send an HTTP request to trigger this vulnerability.

Affected Software

VendorProductVersion RangeStatus
LevelOneWBR-6013RER4_A_v3411b_2T2R_LEV_09_170623affected
Realtekrtl819x Jungle SDKv3.4.11affected

Weaknesses

  • CWE-352: CWE-352: Cross-Site Request Forgery (CSRF)

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: total

CVE Program Container

Additional References

References