The Relish (Verve Connect) VH510 device with firmware prior to 1.0.1.6L0516 contains multiple CSRF vulnerabilities within its web management portal. Attackers can, for example, use this to update the TR-069 configuration server settings (responsible for managing devices remotely). This makes it possible to remotely reboot the device or upload malicious firmware.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
imomobile verve_connect_vh510_firmware |