CVE-2020-5549

HIGH

EasyBlocks IPv6 <2.0.1 & Enterprise <2.0.1 - CSRF

Title source: llm
STIX 2.1

Description

Cross-site request forgery (CSRF) vulnerability in EasyBlocks IPv6 Ver. 2.0.1 and earlier and Enterprise Ver. 2.0.1 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.

References (3)

Core 3
Core References
Release Notes, Vendor Advisory x_refsource_misc
https://www.plathome.co.jp/software/ipv6-v2-0-2/
Release Notes, Vendor Advisory x_refsource_misc
https://www.plathome.co.jp/software/ipv6-enterprise-v2-0-2/
Third Party Advisory x_refsource_misc
https://jvn.jp/en/jp/JVN89224521/index.html

Scores

CVSS v3 8.8
EPSS 0.0089
EPSS Percentile 54.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE
CWE-352
Status published
Products (2)
plathome/easyblocks_ipv6_enterprise_firmware < 2.0.1
plathome/easyblocks_ipv6_firmware < 2.0.1
Published Apr 08, 2020
Tracked Since Feb 18, 2026