CVE-2021-31152

HIGH

Multilaser Router AC1200 V02.03.01.45_pt - CSRF

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2021-31152. PoCs published by Rodolfo Mariano.

AI-analyzed exploit summary This exploit demonstrates a Cross-Site Request Forgery (CSRF) vulnerability in Multilaser Router RE018 AC1200, allowing an attacker to enable remote access by tricking a user into submitting a malicious form. The PoC automatically submits a POST request to the router's configuration endpoint.

Description

Multilaser Router AC1200 V02.03.01.45_pt contains a cross-site request forgery (CSRF) vulnerability. An attacker can enable remote access, change passwords, and perform other actions through misconfigured requests, entries, and headers.

Exploits (1)

exploitdb WORKING POC
by Rodolfo Mariano · htmlwebappshardware
https://www.exploit-db.com/exploits/49775

This exploit demonstrates a Cross-Site Request Forgery (CSRF) vulnerability in Multilaser Router RE018 AC1200, allowing an attacker to enable remote access by tricking a user into submitting a malicious form. The PoC automatically submits a POST request to the router's configuration endpoint.

Classification
Working Poc 100%
Attack Type
Other
Complexity
Trivial
Reliability
Reliable
Target: Multilaser Router RE018 AC1200 (Firmware V02.03.01.45_pt)
No auth needed
Prerequisites: Victim must be authenticated to the router's admin interface · Attacker must trick the victim into visiting the malicious HTML page
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Scores

CVSS v3 8.8
EPSS 0.0083
EPSS Percentile 75.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE
CWE-352
Status published
Products (1)
multilaser/ac1200_re018_firmware v02.03.01.45_pt
Published Apr 14, 2021
Tracked Since Feb 18, 2026