Vulnerability Details CVE-2024-33377
LB-LINK BL-W1210M v2.0 was discovered to contain a clickjacking vulnerability via the Administrator login page. Attackers can cause victim users to perform arbitrary operations via interaction with crafted elements on the web page.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 31.5%
CVSS Severity
CVSS v3 Score 8.1
References
- https://github.com/ShravanSinghRathore/Security-Advisory-Multiple-Vulnerabilities-in-LB-link-BL-W1210M-Router/wiki/Clickjacking-%28CVE%E2%80%902024%E2%80%9033377%29
- https://redfoxsec.com/blog/security-advisory-multiple-vulnerabilities-in-lb-link-bl-w1210m-router/
- https://github.com/ShravanSinghRathore/Security-Advisory-Multiple-Vulnerabilities-in-LB-link-BL-W1210M-Router/wiki/Clickjacking-%28CVE%E2%80%902024%E2%80%9033377%29
- https://redfoxsec.com/blog/security-advisory-multiple-vulnerabilities-in-lb-link-bl-w1210m-router/
Products affected by CVE-2024-33377
-
cpe:2.3:h:lb-link:bl-w1210m:2.0
-
cpe:2.3:o:lb-link:bl-w1210m_firmware:-