CVE-2020-29292
MEDIUM WAF: Low
CVSS 6.5
Published: 2021-12-30
CWE-352
iBall WRD12EN 1.0.0 devices allow cross-site request forgery (CSRF) attacks as demonstrated by enabling DNS settings or modifying the range for IP addresses.
WAF Coverage Analysis
Cross-Site Request Forgery (CSRF)
Low WAF Coverage
OWASP: A01:2021 Broken Access Control
Affected Software
| Vendor | Product | Version |
|---|---|---|
| iball | wrd12en_firmware | 1.0.0 |
References
- github.com (Third Party Advisory)
- www.iball.co.in (Vendor Advisory)