6 matches found
CVE-2017-11567
Cross-site request forgery CSRF vulnerability in Mongoose Web Server before 6.9 allows remote attackers to hijack the authentication of users for requests that modify Mongoose.conf via a request to mgadmin?save. NOTE: this issue can be leveraged to execute arbitrary code remotely...
CVE-2017-11567
CVE-2017-11567 concerns the Mongoose Web Server (Free Edition) where a CSRF vulnerability exists in versions before 6.9. The issue allows remote attackers to hijack user authentication to perform requests that modify Mongoose.conf via a request to __mg_admin?save, and this note states it can be l...
Mongoose Web Server 6.5 CSRF / Command Execution Vulnerability
Mongoose Web Server version 6.5 suffers from cross site request forgery and remote command execution vulnerabilities. + Credits: John Page AKA hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MONGOOSE-WEB-SERVER-v6.5-CSRF-COMMAND-EXECUTION.txt +...
Mongoose Web Server 6.5 CSRF / Command Execution
Credits: John Page AKA hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MONGOOSE-WEB-SERVER-v6.5-CSRF-COMMAND-EXECUTION.txt + ISR: apparitionSec Vendor: =============== www.cesanta.com Product: ================== Mongoose Web Server Free Edition...
Mongoose Web Server 6.5 - Cross-Site Request Forgery Remote Code Execution
Mongoose Web Server 6.5 - Cross-Site Request Forgery Remote Code Execution + Credits: John Page AKA hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MONGOOSE-WEB-SERVER-v6.5-CSRF-COMMAND-EXECUTION.txt + ISR: apparitionSec Vendor: ===============...
Mongoose Web Server 6.5 - Cross-Site Request Forgery / Remote Code Execution
Credits: John Page AKA hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MONGOOSE-WEB-SERVER-v6.5-CSRF-COMMAND-EXECUTION.txt + ISR: apparitionSec Vendor: =============== www.cesanta.com Product: ================== Mongoose Web Server Free Edition...