CVE-2017-3216
Severity Score
9.8
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
WiMAX routers based on the MediaTek SDK (libmtk) that use a custom httpd plugin are vulnerable to an authentication bypass allowing a remote, unauthenticated attacker to gain administrator access to the device by performing an administrator password change on the device via a crafted POST request.
Los routers WiMAX basados en MediaTek SDK (libmtk) que emplean un plugin httpd personalizado son vulnerables a una omisión de autenticación. Esto permite que un atacante remoto no autenticado obtenga acceso de administrador al dispositivo realizando un cambio de contraseña de administrador en el dispositivo mediante una petición POST manipulada.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2016-12-05 CVE Reserved
- 2017-06-20 CVE Published
- 2024-08-05 CVE Updated
- 2024-08-05 First Exploit
- 2024-10-27 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-306: Missing Authentication for Critical Function
CAPEC
References (3)
| URL | Tag | Source |
|---|---|---|
| http://blog.sec-consult.com/2017/06/ghosts-from-past-authentication-bypass.html | Third Party Advisory | |
| http://www.kb.cert.org/vuls/id/350135 | Mitigation |
|
| URL | Date | SRC |
|---|---|---|
| https://sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20170607-0_Various_WiMAX_CPEs_Authentication_Bypass_v10.txt | 2024-08-05 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Greenpacket Search vendor "Greenpacket" | Ox350 Firmware Search vendor "Greenpacket" for product "Ox350 Firmware" | - | - |
Affected
| in | Greenpacket Search vendor "Greenpacket" | Ox350 Search vendor "Greenpacket" for product "Ox350" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Bm2022 Firmware Search vendor "Huawei" for product "Bm2022 Firmware" | - | - |
Affected
| in | Huawei Search vendor "Huawei" | Bm2022 Search vendor "Huawei" for product "Bm2022" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Hes-309m Firmware Search vendor "Huawei" for product "Hes-309m Firmware" | - | - |
Affected
| in | Huawei Search vendor "Huawei" | Hes-309m Search vendor "Huawei" for product "Hes-309m" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Hes-319m Firmware Search vendor "Huawei" for product "Hes-319m Firmware" | - | - |
Affected
| in | Huawei Search vendor "Huawei" | Hes-319m Search vendor "Huawei" for product "Hes-319m" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Hes-319m2w Firmware Search vendor "Huawei" for product "Hes-319m2w Firmware" | - | - |
Affected
| in | Huawei Search vendor "Huawei" | Hes-319m2w Search vendor "Huawei" for product "Hes-319m2w" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Hes-339m Firmware Search vendor "Huawei" for product "Hes-339m Firmware" | - | - |
Affected
| in | Huawei Search vendor "Huawei" | Hes-339m Search vendor "Huawei" for product "Hes-339m" | - | - |
Safe
|
| Mada Search vendor "Mada" | Soho Wireless Router Firmware Search vendor "Mada" for product "Soho Wireless Router Firmware" | - | - |
Affected
| in | Mada Search vendor "Mada" | Soho Wireless Router Search vendor "Mada" for product "Soho Wireless Router" | - | - |
Safe
|
| Zte Search vendor "Zte" | Ox-330p Firmware Search vendor "Zte" for product "Ox-330p Firmware" | - | - |
Affected
| in | Zte Search vendor "Zte" | Ox-330p Search vendor "Zte" for product "Ox-330p" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Max218m Firmware Search vendor "Zyxel" for product "Max218m Firmware" | - | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Max218m Search vendor "Zyxel" for product "Max218m" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Max218m1w Firmware Search vendor "Zyxel" for product "Max218m1w Firmware" | - | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Max218m1w Search vendor "Zyxel" for product "Max218m1w" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Max218mw Firmware Search vendor "Zyxel" for product "Max218mw Firmware" | - | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Max218mw Search vendor "Zyxel" for product "Max218mw" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Max308m Fimware Search vendor "Zyxel" for product "Max308m Fimware" | - | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Max308m Search vendor "Zyxel" for product "Max308m" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Max318m Firmware Search vendor "Zyxel" for product "Max318m Firmware" | - | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Max318m Search vendor "Zyxel" for product "Max318m" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Max338m Firmware Search vendor "Zyxel" for product "Max338m Firmware" | - | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Max338m Search vendor "Zyxel" for product "Max338m" | - | - |
Safe
|