Category: Actiontec

Actiontec CSRF

Interesting vulnerability found in the¬†Actiontec MI424WR-GEN3I router by Jacob Holcomb of Independent Security Evaluators. The vulnerability is a CSRF that easily allows you to add administrator users and enable remote administration simply by crafting some HTML and pointing a browser in the router’s network to it. Details for how to do this can be found […]