Cross-Site Request Forgery Vulnerabilities in DIGISOL DG-HR1400 Wireless Router
CVE-2017-6127

8.8HIGH

Key Information:

Vendor

Digisol

Status
Dg-hr1400 Firmware
Vendor
CVE Published:
21 February 2017

What is CVE-2017-6127?

The DIGISOL DG-HR1400 Wireless Router is susceptible to several cross-site request forgery vulnerabilities. These weaknesses enable remote attackers to compromise the authentication of administrators, executing unauthorized requests to the router's access portal. Exploiting these vulnerabilities may allow attackers to modify critical settings such as the SSID and Wi-Fi password, potentially leading to further security compromises. Crafted requests sent to form2WlanBasicSetup.cgi can trigger these issues, posing a significant risk to users.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://seclists.org/fulldisclosure/2017/Feb/66
mailing-listx_refsource_FULLDISC
http://www.securityfocus.com/bid/96369
vdb-entryx_refsource_BID
https://drive.google.com/file/d/0B6715xUqH18MeV9GOVE0ZmFr...
x_refsource_MISC

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.