CVE-2023-47677

{"id": "CVE-2023-47677", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}, {"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2024-07-08T16:15:04.120", "references": [{"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1872", "tags": ["Exploit", "Third Party Advisory"], "source": "[email protected]"}, {"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1872", "tags": ["Exploit", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1872", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-352"}]}], "descriptions": [{"lang": "en", "value": "A cross-site request forgery (csrf) vulnerability exists in the boa CSRF protection functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted network request can lead to CSRF. An attacker can send an HTTP request to trigger this vulnerability."}, {"lang": "es", "value": "Existe una vulnerabilidad de cross-site request forgery (csrf) en la funcionalidad de protecci\u00f3n boa CSRF de Realtek rtl819x Jungle SDK v3.4.11. Una solicitud de red especialmente manipulada puede generar CSRF. Un atacante puede enviar una solicitud HTTP para desencadenar esta vulnerabilidad."}], "lastModified": "2025-11-04T18:15:42.710", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:realtek:rtl819x_jungle_software_development_kit:3.4.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7891A085-C128-426B-A8BB-70E688CAAF65"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:level1:wbr-6013_firmware:rer4_a_v3411b_2t2r_lev_09_170623:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "79082BA3-FBC4-4F38-8897-37E70D7B83D3"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:level1:wbr-6013:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "59DE58EE-DF41-48A2-B048-65A0666808F1"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "[email protected]"}