Microhard Systems IPn4G 1.1.0 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without user consent. Attackers can craft malicious web pages to change admin passwords, add new users, and modify system settings by tricking authenticated users into loading a specially crafted page.
Metrics
Affected Vendors & Products
| Vendors | Products |
|---|---|
| Microhardcorp |
|
No data.
No data.
References
History
Mon, 05 Jan 2026 12:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Microhardcorp
Microhardcorp ipn4g |
|
| Vendors & Products |
Microhardcorp
Microhardcorp ipn4g |
Wed, 24 Dec 2025 19:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Microhard Systems IPn4G 1.1.0 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without user consent. Attackers can craft malicious web pages to change admin passwords, add new users, and modify system settings by tricking authenticated users into loading a specially crafted page. | |
| Title | Microhard Systems IPn4G 1.1.0 Cross-Site Request Forgery via Web Interface | |
| Weaknesses | CWE-352 | |
| References |
| |
| Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: VulnCheck
Published: 2025-12-24T19:27:51.383Z
Updated: 2025-12-24T20:25:07.980Z
Reserved: 2025-12-24T14:28:02.436Z
Link: CVE-2018-25149
Vulnrichment
No data.
NVD
Status : Awaiting Analysis
Published: 2025-12-24T20:15:49.517
Modified: 2025-12-29T15:58:13.147
Link: CVE-2018-25149
Redhat
No data.