2 matches found
CVE-2017-16565
Cross-Site Request Forgery CSRF in /cgi-bin/login on Vonage Grandstream HT802 devices allows attackers to authenticate a user via the login screen using the default password of 123 and submit arbitrary requests...
CVE-2017-16565
CVE-2017-16565 describes a CSRF vulnerability in the Vonage (Grandstream) HT802 home gateway. An attacker can abuse CSRF on the /cgi-bin/login page to authenticate a user by using the device’s default password (123) and submit arbitrary requests. Public sources corroborate that this affects HT802...