CVE-2020-15043

MEDIUM

iBall WRB303N - Cross-Site Request Forgery

Title source: llm
STIX 2.1

Description

iBall WRB303N devices allow CSRF attacks, as demonstrated by enabling remote management, enabling DHCP, or modifying the subnet range for IP addresses.

References (2)

Core 2
Core References
Exploit, Third Party Advisory x_refsource_misc
https://gist.github.com/Saket-taneja/4dda4b2df5aa0973a7160bb6bf8875e0

Scores

CVSS v3 6.5
EPSS 0.0045
EPSS Percentile 36.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Details

CWE
CWE-352
Status published
Products (1)
iball/wrb303n_firmware
Published Jun 29, 2020
Tracked Since Feb 18, 2026