CVE-2017-10930
The ZXR10 1800-2S router (firmware before 3.00.40) has an access-control flaw that lets unauthorized users download configuration files containing admin usernames and passwords. Multiple sources confirm that ordinary users can bypass restrictions, even via manipulated cookies or requests, to retr...