Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-45372


MZK-DP300N firmware versions 1.04 and earlier contains a cross-site request forger vulnerability. Viewing a malicious page while logging in to the web management page of the affected product may lead the user to perform unintended operations such as changing the login password, etc.


Published

2024-09-26T05:15:12.100

Last Modified

2025-03-25T16:15:24.080

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 6.5 (MEDIUM)

Weaknesses
  • Type: Secondary
    CWE-352
  • Type: Primary
    CWE-352

Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Operating System planex mzk-dp300n_firmware ≤ 1.04 Yes
Hardware planex mzk-dp300n - No

References