CVE-2017-11646

HIGH

NetComm Wireless 4GT101W - Cross-Site Request Forgery via Administration Interface

Title source: llm
STIX 2.1

Description

NetComm Wireless 4GT101W routers with Hardware: 0.01 / Software: V1.1.8.8 / Bootloader: 1.1.3 are vulnerable to CSRF attacks, as demonstrated by using administration.html to disable the firewall. They does not contain any token that can mitigate CSRF vulnerabilities within the device.

References (1)

Core 1
Core References

Scores

CVSS v3 8.8
EPSS 0.0045
EPSS Percentile 36.0%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE
CWE-352
Status published
Products (2)
netcomm/4gt101w_bootloader 1.1.3
netcomm/4gt101w_software 1.1.8.8
Published Jul 28, 2017
Tracked Since Feb 18, 2026