CVE-2008-6823

Multiple cross-site request forgery (CSRF) vulnerabilities in the management interface on the A-LINK WL54AP3 and WL54AP2 access points before firmware 1.4.2-eng1 allow remote attackers to hijack the authentication of administrators for requests that (1) modify the network configuration via certain parameters to goform/formWanTcpipSetup or (2) modify credentials via certain parameters to goform/formPasswordSetup.
Configurations

Configuration 1

cpe:2.3:h:a-link:wl54ap2:1.2.3:*:*:*:*:*:*:*
cpe:2.3:h:a-link:wl54ap2:1.2.5:*:*:*:*:*:*:*
cpe:2.3:h:a-link:wl54ap2:1.2.2:*:*:*:*:*:*:*
cpe:2.3:h:a-link:wl54ap2:1.2.6:*:*:*:*:*:*:*
cpe:2.3:h:a-link:wl54ap2:1.2.7:*:*:*:*:*:*:*
cpe:2.3:h:a-link:wl54ap2:1.2.4:*:*:*:*:*:*:*
cpe:2.3:h:a-link:wl54ap2:1.2.9:*:*:*:*:*:*:*
cpe:2.3:h:a-link:wl54ap2:1.4.0:*:*:*:*:*:*:*
cpe:2.3:h:a-link:wl54ap2:1.2.0:*:*:*:*:*:*:*
cpe:2.3:h:a-link:wl54ap2:*:*:*:*:*:*:*:*
cpe:2.3:h:a-link:wl54ap2:1.2.1:*:*:*:*:*:*:*
cpe:2.3:h:a-link:wl54ap2:1.2.8:*:*:*:*:*:*:*
cpe:2.3:h:a-link:wl54ap3:1.2.0:*:*:*:*:*:*:*
cpe:2.3:h:a-link:wl54ap3:*:*:*:*:*:*:*:*
cpe:2.3:h:a-link:wl54ap3:1.2.7:*:*:*:*:*:*:*
cpe:2.3:h:a-link:wl54ap3:1.2.3:*:*:*:*:*:*:*
cpe:2.3:h:a-link:wl54ap3:1.2.8:*:*:*:*:*:*:*
cpe:2.3:h:a-link:wl54ap3:1.2.5:*:*:*:*:*:*:*
cpe:2.3:h:a-link:wl54ap3:1.2.6:*:*:*:*:*:*:*
cpe:2.3:h:a-link:wl54ap3:1.4.0:*:*:*:*:*:*:*
cpe:2.3:h:a-link:wl54ap3:1.2.1:*:*:*:*:*:*:*
cpe:2.3:h:a-link:wl54ap3:1.2.4:*:*:*:*:*:*:*
cpe:2.3:h:a-link:wl54ap3:1.2.2:*:*:*:*:*:*:*
cpe:2.3:h:a-link:wl54ap3:1.2.9:*:*:*:*:*:*:*

Information

Published : 2009-06-04 04:30

Updated : 2018-10-11 08:57


NVD link : CVE-2008-6823

Mitre link : CVE-2008-6823

Products Affected
No products.
CWE