CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-11649

Cross-site request forgery (CSRF) vulnerability in DrayTek Vigor AP910C devices with firmware 1.2.0_RC3 build r6594 allows remote attackers to hijack the authentication of unspecified users for requests that enable SNMP on the remote device via vectors involving goform/setSnmp.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 34.6%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 6.8

References

https://iscouncil.blogspot.in/2018/03/dray-tek-vigor-ap910c-multiple.html
https://iscouncil.blogspot.in/2018/03/dray-tek-vigor-ap910c-multiple.html

Products affected by CVE-2017-11649

Draytek » Vigorap 910c » Version: N/A

cpe:2.3:h:draytek:vigorap_910c:-
Draytek » Vigorap 910c Firmware » Version: 1.2.0

cpe:2.3:o:draytek:vigorap_910c_firmware:1.2.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-11649

Products

Pricing

Contact Us