MZK-DP300N firmware versions 1.04 and earlier contains a cross-site request forger vulnerability. Viewing a malicious page while logging in to the web management page of the affected product may lead the user to perform unintended operations such as changing the login password, etc.
2024-09-26T05:15:12.100
2025-03-25T16:15:24.080
Modified
CVSSv3.1: 6.5 (MEDIUM)
Type | Vendor | Product | Version/Range | Vulnerable? |
---|---|---|---|---|
Operating System | planex | mzk-dp300n_firmware | ≤ 1.04 | Yes |
Hardware | planex | mzk-dp300n | - | No |