First published: Tue Jun 20 2017(Updated: )
WiMAX routers based on the MediaTek SDK (libmtk) that use a custom httpd plugin are vulnerable to an authentication bypass allowing a remote, unauthenticated attacker to gain administrator access to the device by performing an administrator password change on the device via a crafted POST request.
Credit: cret@cert.org
Affected Software | Affected Version | How to fix |
---|---|---|
Greenpacket Ox350 Firmware | ||
Greenpacket Ox350 | ||
Huawei Bm2022 Firmware | ||
Huawei Bm2022 | ||
Huawei Hes-309m Firmware | ||
Huawei Hes-309m | ||
Huawei Hes-319m Firmware | ||
Huawei Hes-319m | ||
Huawei Hes-319m2w Firmware | ||
Huawei Hes-319m2w | ||
Huawei Hes-339m Firmware | ||
Huawei Hes-339m | ||
Mada Soho Wireless Router Firmware | ||
Mada Soho Wireless Router | ||
Zte Ox-330p Firmware | ||
ZTE OX-330P | ||
Zyxel Max218m Firmware | ||
Zyxel Max218m | ||
Zyxel Max218m1w Firmware | ||
Zyxel Max218m1w | ||
Zyxel Max218mw Firmware | ||
Zyxel Max218mw | ||
Zyxel Max308m Fimware | ||
Zyxel Max308m | ||
Zyxel Max318m Firmware | ||
Zyxel Max318m | ||
Zyxel Max338m Firmware | ||
Zyxel Max338m |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.