CVE-2013-5039

HOT HOTBOX router 2.1.11 - CSRF

Title source: llm

Description

Cross-site request forgery (CSRF) vulnerability in goform/wlanBasicSecurity on the HOT HOTBOX router with software 2.1.11 allows remote attackers to hijack the authentication of administrators for requests that change the WiFi Security field to Deactivated via the WifiSecurity parameter.

Exploits (1)

exploitdb WORKING POC

webappshardware

https://www.exploit-db.com/exploits/29518

View Code ZIP pw:eip

References (2)

[Exploit] http://www.youtube.com/watch?v=CPlT09ZIj48

[Exploit] http://packetstormsecurity.com/files/123901/HOTBOX-2.1.11-CSRF-Traversal-Denial-Of-Service.html

Scores

EPSS 0.0006

EPSS Percentile 19.8%

Details

CWE

CWE-352

Status published

Products (2)

hot/hotbox_router

hot/hotbox_router_firmware 2.1.11

Published Dec 30, 2013

Tracked Since Feb 18, 2026