|
|
|||
Release Date:2017-09-29
Attack Name:WEB-OTHER Mongoose Web Server 6.5 Remote Code Execution (CVE-2017-11567)
Severity:
BUG ID:
CVE ID:
| Description:
|
Cross-site request forgery (CSRF) vulnerability in Mongoose Web Server before 6.9 allows remote attackers to hijack the authentication of users for requests that modify Mongoose.conf via a request to __mg_admin?save.
Impact: Remote code execution
Affected System: Windows
Additional References: CVE-2017-11567; EDB:42614
| Solution:
|
Update vendor's patch.