Description
Cross-site request forgery (CSRF) vulnerability in Beetel 450TC2 Router with firmware TX6-0Q-005_retail allows remote attackers to hijack the authentication of administrators for requests that change the administrator password via the uiViewTools_Password and uiViewTools_PasswordConfirm parameters to Forms/tools_admin_1.
CVSS Metrics
- Vector
- AV:N/AC:M/Au:N/C:P/I:P/A:P
- Access Vector
- network
- Access Cmplx
- medium
- Auth
- none
- Confidentiality
- partial
- Integrity
- partial
- Availability
- partial
- Weaknesses
- CWE-352
Metadata
- Primary Vendor
- BEETEL
- Published
- 5/20/2014
- Last Modified
- 4/12/2025
- Source
- NIST NVD
- Note: Verify all details with official vendor sources before applying patches.
Affected Products
beetel : 450tc2_router_firmwarebeetel : 450tc2_router
AI-Powered Remediation
Generate remediation guidance or a C-suite brief for this vulnerability.