CVE-2024-40119 Information

Description

Nepstech Wifi Router xpon (terminal) model NTPL-Xpon1GFEVN v.1.0 Firmware V2.0.1 contains a Cross-Site Request Forgery (CSRF) vulnerability in the password change function which allows remote attackers to change the admin password without the user’s consent leading to a potential account takeover.

Reference

https://github.com/sudo-subho/nepstech-xpon-router-CVE-2024-40119