Newsy.co
[SBA-ADV-20240321-01] CVE-2024-5676: Paradox IP150 Internet Module Cross-Site Request Forgery
Posted by SBA Research Security Advisory via Fulldisclosure on Jun 23
# Paradox IP150 Internet Module Cross-Site Request Forgery #
Link:
https://github.com/sbaresearch/advisories/tree/public/2024/SBA-ADV-20240321-01_Paradox_Cross_Site_Request_Forgery
## Vulnerability Overview ##
The Paradox IP150 Internet Module in version 1.40.00 is vulnerable to
Cross-Site Request Forgery (CSRF) attacks due to
a lack of countermeasures and the use of the HTTP method `GET` to introduce
changes in the system.
* **Identifier**...