CVE-2017-5633: CSRF
First published: Mon Mar 06 2017(Updated: )
Multiple cross-site request forgery (CSRF) vulnerabilities on the D-Link DI-524 Wireless Router with firmware 9.01 allow remote attackers to (1) change the admin password, (2) reboot the device, or (3) possibly have unspecified other impact via crafted requests to CGI programs.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| D-link Di-524 Firmware | =9.01 | |
| Dlink Di-524 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2017-5633?
CVE-2017-5633 is considered high severity due to its potential for unauthorized access and device manipulation.
How do I fix CVE-2017-5633?
To mitigate CVE-2017-5633, update the D-Link DI-524 router firmware to the latest version that addresses the vulnerability.
What actions can attackers perform via CVE-2017-5633?
Attackers exploiting CVE-2017-5633 can change the admin password, reboot the device, or potentially execute other malicious actions.
What devices are affected by CVE-2017-5633?
CVE-2017-5633 affects the D-Link DI-524 Wireless Router running firmware version 9.01.
Are there any known exploits for CVE-2017-5633?
Yes, there are reports indicating that CVE-2017-5633 can be exploited through crafted requests to vulnerable CGI programs.
- collector/nvd-index
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/tags
- agent/type
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- vendor/d-link
- canonical/d-link di-524 firmware
- version/d-link di-524 firmware/9.01
- vendor/dlink
- canonical/dlink di-524