CVE-2014-10027 Information

Description

Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DAP-1360 router with firmware 2.5.4 and earlier allow remote attackers to hijack the authentication of unspecified users for requests that (1) change the MAC filter restrict mode (2) add a MAC address to the filter or (3) remove a MAC address from the filter via a crafted request to index.cgi.

Reference

http://seclists.org/fulldisclosure/2014/Nov/100 http://websecurity.com.ua/7215/