Cross-site request forgery (CSRF) vulnerability in DrayTek Vigor AP910C devices with firmware 1.2.0_RC3 build r6594 allows remote attackers to hijack the authentication of unspecified users for requests that enable SNMP on the remote device via vectors involving goform/setSnmp.
References
Link | Resource |
---|---|
https://iscouncil.blogspot.in/2018/03/dray-tek-vigor-ap910c-multiple.html | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2018-03-06T22:00:00
Updated: 2018-03-06T21:57:01
Reserved: 2017-07-25T00:00:00
Link: CVE-2017-11649
JSON object: View
NVD Information
Status : Analyzed
Published: 2018-03-07T02:29:00.517
Modified: 2021-06-03T13:48:01.233
Link: CVE-2017-11649
JSON object: View
Redhat Information
No data.
CWE