CVE-2017-16886: CSRF
First published: Fri Jan 12 2018(Updated: )
The portal on FiberHome Mobile WIFI Device Model LM53Q1 VH519R05C01S38 uses SOAP based web services in order to interact with the portal. Unauthorized Access to Web Services via CSRF can result in an unauthorized change of username or password of the administrator of the portal.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Fiberhome Lm53q1 Firmware | =vh519r05c01s38 | |
| FiberHome LM53Q1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2017-16886?
CVE-2017-16886 is a vulnerability that allows unauthorized access to web services via CSRF on the FiberHome Mobile WIFI Device Model LM53Q1 VH519R05C01S38.
How does CVE-2017-16886 affect the FiberHome Mobile WIFI Device Model LM53Q1 VH519R05C01S38?
CVE-2017-16886 can result in an unauthorized change of username or password of the administrator of the portal on the FiberHome Mobile WIFI Device Model LM53Q1 VH519R05C01S38.
What is the severity of CVE-2017-16886?
CVE-2017-16886 has a severity rating of 8.8 (High).
How can I fix CVE-2017-16886?
To fix CVE-2017-16886, it is recommended to update the firmware of the FiberHome Mobile WIFI Device Model LM53Q1 VH519R05C01S38 to a version that addresses the vulnerability.
Where can I find more information about CVE-2017-16886?
More information about CVE-2017-16886 can be found at the following references: [1](http://seclists.org/fulldisclosure/2018/Jan/28) and [2](https://www.exploit-db.com/exploits/43460/).
- collector/nvd-index
- agent/severity
- agent/author
- agent/weakness
- agent/references
- agent/description
- agent/tags
- agent/type
- agent/event
- vendor/fiberhome
- canonical/fiberhome lm53q1 firmware
- version/fiberhome lm53q1 firmware/vh519r05c01s38
- canonical/fiberhome lm53q1