CVE-2017-6127 in DG-HR1400info

Zusammenfassung (Englisch)

Multiple cross-site request forgery (CSRF) vulnerabilities in the access portal on the DIGISOL DG-HR1400 Wireless Router with firmware 1.00.02 allow remote attackers to hijack the authentication of administrators for requests that (1) change the SSID, (2) change the Wi-Fi password, or (3) possibly have unspecified other impact via crafted requests to form2WlanBasicSetup.cgi.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservieren

21.02.2017

Veröffentlichung

21.02.2017

Status

Bestätigt

Einträge

VulDB provides additional information and datapoints for this CVE:

ID	Schwachstelle	CWE	Aus	Mas	CVE
97178	DIGISOL DG-HR1400 form2WlanBasicSetup.cgi Cross Site Request Forgery	352	Proof-of-Concept	Nicht definiert	CVE-2017-6127

Beschreibung

CPE

CWE

CVSS

Exploits

History

Diff

Verknüpfen

Threat Intelligence

API JSON

API XML

API CSV

Quellen

◂ ZurückÜbersichtWeiter ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!