VYPR

Mongoose Web Server

by Mongoose

CVEs (1)

  • CVE-2017-11567HigSep 7, 2017
    risk 0.61cvss 8.8epss 0.04

    Cross-site request forgery (CSRF) vulnerability in Mongoose Web Server before 6.9 allows remote attackers to hijack the authentication of users for requests that modify Mongoose.conf via a request to __mg_admin?save. NOTE: this issue can be leveraged to execute arbitrary code…