Authorization Bypass and Unauthorized Static Routing Configuration in Arcadyan SLT-00 Star* Devices

Authorization Bypass and Unauthorized Static Routing Configuration in Arcadyan SLT-00 Star* Devices

CVE-2016-10042 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:N

Authorization Bypass in the Web interface of Arcadyan SLT-00 Star* (aka Swisscom Internet-Box) devices before R7.7 allows unauthorized reconfiguration of the static routing table via an unauthenticated HTTP request, leading to denial of service and information disclosure.

Learn more about our Web App Pen Testing.