1 results (0.001 seconds)
CVSS: 10.0EPSS: 3%CPEs: 28EXPL: 1
CVSS: 10.0EPSS: 3%CPEs: 28EXPL: 1CVE-2017-3216
https://notcve.org/view.php?id=CVE-2017-3216
20 Jun 2017 — WiMAX routers based on the MediaTek SDK (libmtk) that use a custom httpd plugin are vulnerable to an authentication bypass allowing a remote, unauthenticated attacker to gain administrator access to the device by performing an administrator password change on the device via a crafted POST request. Los routers WiMAX basados en MediaTek SDK (libmtk) que emplean un plugin httpd personalizado son vulnerables a una omisión de autenticación. Esto permite que un atacante remoto no autenticado obtenga acceso de adm... • http://blog.sec-consult.com/2017/06/ghosts-from-past-authentication-bypass.html • CWE-306: Missing Authentication for Critical Function •