PT-2017-16726 · D Link · Dir-600M
Published
2017-03-22
·
Updated
2023-04-26
·
CVE-2017-5874
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
D-Link DIR-600M Rev. Cx versions prior to v3.05ENB01 beta 20170306
Description
A CSRF issue exists, allowing attackers to bypass authentication. This can lead to the insertion of XSS sequences, potentially having other unspecified impacts.
Recommendations
For versions prior to v3.05ENB01 beta 20170306, update to v3.05ENB01 beta 20170306 or later to resolve the issue. As a temporary workaround, consider restricting access to the device's web interface to minimize the risk of exploitation.
Fix
CSRF
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Dir-600M