CVE-2023-41086

Description

Cross-site request forgery (CSRF) vulnerability exists in FURUNO SYSTEMS wireless LAN access point devices. If a user views a malicious page while logged in, unintended operations may be performed. Affected products and versions are as follows: ACERA 1210 firmware ver.02.36 and earlier, ACERA 1150i firmware ver.01.35 and earlier, ACERA 1150w firmware ver.01.35 and earlier, ACERA 1110 firmware ver.01.76 and earlier, ACERA 1020 firmware ver.01.86 and earlier, ACERA 1010 firmware ver.01.86 and earlier, ACERA 950 firmware ver.01.60 and earlier, ACERA 850F firmware ver.01.60 and earlier, ACERA 900 firmware ver.02.54 and earlier, ACERA 850M firmware ver.02.06 and earlier, ACERA 810 firmware ver.03.74 and earlier, and ACERA 800ST firmware ver.07.35 and earlier. They are affected when running in ST(Standalone) mode.

Category

8.8
CVSS
Severity: High
CVSS 3.1 •
EPSS 0.32%
Vendor Advisory co.jp
Affected: FURUNO SYSTEMS Co.,Ltd. ACERA 1210
Affected: FURUNO SYSTEMS Co.,Ltd. ACERA 1150i
Affected: FURUNO SYSTEMS Co.,Ltd. ACERA 1150w
Affected: FURUNO SYSTEMS Co.,Ltd. ACERA 1110
Affected: FURUNO SYSTEMS Co.,Ltd. ACERA 1020
Affected: FURUNO SYSTEMS Co.,Ltd. ACERA 1010
Affected: FURUNO SYSTEMS Co.,Ltd. ACERA 950
Affected: FURUNO SYSTEMS Co.,Ltd. ACERA 850F
Affected: FURUNO SYSTEMS Co.,Ltd. ACERA 900
Affected: FURUNO SYSTEMS Co.,Ltd. ACERA 850M
Affected: FURUNO SYSTEMS Co.,Ltd. ACERA 810
Affected: FURUNO SYSTEMS Co.,Ltd. ACERA 800ST
Published at:
Updated at:

References

Link Tags
https://www.furunosystems.co.jp/news/info/vulner20231002.html vendor advisory
https://jvn.jp/en/vu/JVNVU94497038/ third party advisory

Frequently Asked Questions

What is the severity of CVE-2023-41086?
CVE-2023-41086 has been scored as a high severity vulnerability.
How to fix CVE-2023-41086?
To fix CVE-2023-41086, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2023-41086 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2023-41086 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2023-41086?
CVE-2023-41086 affects FURUNO SYSTEMS Co.,Ltd. ACERA 1210, FURUNO SYSTEMS Co.,Ltd. ACERA 1150i, FURUNO SYSTEMS Co.,Ltd. ACERA 1150w, FURUNO SYSTEMS Co.,Ltd. ACERA 1110, FURUNO SYSTEMS Co.,Ltd. ACERA 1020, FURUNO SYSTEMS Co.,Ltd. ACERA 1010, FURUNO SYSTEMS Co.,Ltd. ACERA 950, FURUNO SYSTEMS Co.,Ltd. ACERA 850F, FURUNO SYSTEMS Co.,Ltd. ACERA 900, FURUNO SYSTEMS Co.,Ltd. ACERA 850M, FURUNO SYSTEMS Co.,Ltd. ACERA 810, FURUNO SYSTEMS Co.,Ltd. ACERA 800ST.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.