Signature Detail
Short Name |
HTTP:STC:BUFFALO-AIRSTATON-CSRF |
|---|---|
Severity |
Medium |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Buffalo AirStation Web Management Cross-Site Request Forgery |
Release Date |
2012/12/12 |
Update Number |
2210 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: Buffalo AirStation Web Management Cross-Site Request Forgery
This signature detects attempts to exploit a known vulnerability against Buffalo AirStation Web Management Interface. A successful attack can lead to cross-site request forgery attacks and unauthorized session hijack.
Extended Description
Buffalo AirStation WHR-G54S is prone to a cross-site request-forgery vulnerability. Exploiting this issue may allow a remote attacker to use a victim's cookie credentials to perform actions with the application. This issue affects Buffalo AirStation WHR-G54S 1.20; other versions may also be affected.
Affected Products
- Buffalo Technology Airstation WHR-G54S 1.2.0
References
- BugTraq: 25588
- CVE: CVE-2007-4822