CVE-2017-5633
Summary
| CVE | CVE-2017-5633 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2017-03-06 06:59:00 UTC |
| Updated | 2023-04-26 18:55:00 UTC |
| Description | Multiple cross-site request forgery (CSRF) vulnerabilities on the D-Link DI-524 Wireless Router with firmware 9.01 allow remote attackers to (1) change the admin password, (2) reboot the device, or (3) possibly have unspecified other impact via crafted requests to CGI programs. |
Risk And Classification
Problem Types: CWE-352
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | D-link | Di-524 | - | All | All | All |
| Hardware | D-link | Di-524 | - | All | All | All |
| Operating System | D-link | Di-524 Firmware | 9.01 | All | All | All |
| Operating System | D-link | Di-524 Firmware | 9.01 | All | All | All |
| Hardware | Dlink | Di-524 | - | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| D-link DI-524 CVE-2017-5633 Multiple Cross Site Request Forgery Vulnerabilities | BID | www.securityfocus.com | Third Party Advisory, VDB Entry |
| Full Disclosure: D-link wireless router DI-524 – Multiple Cross-Site Request Forgery (CSRF) vulnerabilities | MISC | seclists.org | Exploit, Product, Third Party Advisory, VDB Entry |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.