CVE-2015-4586 – CellPipe 7130 Cross Site Request Forgery
https://notcve.org/view.php?id=CVE-2015-4586
Cross-site request forgery (CSRF) vulnerability in Alcatel-Lucent CellPipe 7130 RG 5Ae.M2013 HOL with firmware 1.0.0.20h.HOL allows remote attackers to hijack the authentication of administrators for requests that create a user account via an add_user action in a request to password.cmd. Vulnerabilidad de CSRF en Alcatel-Lucent CellPipe 7130 RG 5Ae.M2013 HOL con firmware 1.0.0.20h.HOL permite a atacantes remotos secuestrar la autenticación de administradores para solicitudes que crean una cuenta de usuario a través de una acción add_user wn una solicitud a password.cmd. CellPipe 7130 router version 1.0.0.20h.HOL suffers from a cross site request forgery vulnerability. • http://packetstormsecurity.com/files/132324/CellPipe-7130-Cross-Site-Request-Forgery.html http://www.securityfocus.com/bid/75384 • CWE-352: Cross-Site Request Forgery (CSRF) •