CVE-2017-16953

Publication date

2017-12-01 17:00:00

Family

mitre

State

PUBLISHED

Description

connoppp.cgi on ZTE ZXDSL 831CII devices does not require HTTP Basic Authentication, which allows remote attackers to modify the PPPoE configuration or set up a malicious configuration via a GET request.