CVE-2017-5633 – D-Link DI-524 - Cross-Site Request Forgery

https://notcve.org/view.php?id=CVE-2017-5633

Multiple cross-site request forgery (CSRF) vulnerabilities on the D-Link DI-524 Wireless Router with firmware 9.01 allow remote attackers to (1) change the admin password, (2) reboot the device, or (3) possibly have unspecified other impact via crafted requests to CGI programs. Múltiples vulnerabilidades de CSRF en el router wireless D-Link DI-524 con firmware 9.01 permiten a atacantes remotos (1) cambiar la contraseña de administrador, (2) reiniciar el dispositivo o (3) posiblemente tener otro impacto no especificado a través de peticiones manipuladas a programas CGI. • https://www.exploit-db.com/exploits/40983 https://github.com/cardangi/Exploit-CVE-2017-5633 http://seclists.org/fulldisclosure/2017/Feb/70 http://www.securityfocus.com/bid/96475 • CWE-352: Cross-Site Request Forgery (CSRF) •