THREAT OPS › Threat News › [NVD] CVE-2019-13529 (HIGH 8.8) — An attacker could send a malicious link to an authenticated operator, which may allow remote attackers to perform actions with the permissions of the user on the Sunny WebBox Firmware Version 1.6 and prior. This device uses IP addresses to maintain communication after a successfu
[NVD] CVE-2019-13529 (HIGH 8.8) — An attacker could send a malicious link to an authenticated operator, which may allow remote attackers to perform actions with the permissions of the user on the Sunny WebBox Firmware Version 1.6 and prior. This device uses IP addresses to maintain communication after a successfu
CVE-2019-13529 CVSS: 8.8 HIGH Published: 2019-10-09T16:15:14.310
An attacker could send a malicious link to an authenticated operator, which may allow remote attackers to perform actions with the permissions of the user on the Sunny WebBox Firmware Version 1.6 and prior. This device uses IP addresses to maintain communication after a successful login, which would increase the ease of exploitation
MITRE ATT&CK techniques
- IP AddressesT1590.005
- Malicious LinkT1204.001
- Malicious LinkAML.T0011.003
Indicators of compromise
- CVE-2019-13529cve
Original source: https://nvd.nist.gov/vuln/detail/CVE-2019-13529