CVE-2017-3216

Name: CVE-2017-3216
Creator: NVD / NIST
Published: 2017-06-20T00:29:00.267+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 5.17%

Last modified Jun 17, 2026

CVE-2017-3216 is a vulnerability of currently unknown severity. WiMAX routers based on the MediaTek SDK (libmtk) that use a custom httpd plugin are vulnerable to an authentication bypass allowing a remote, unauthenticated attacker to gain administrator access to the device by performing an administrator password change on the device via a crafted POST request.. EPSS estimates a 5.17% chance of exploitation in the next 30 days.

Description

WiMAX routers based on the MediaTek SDK (libmtk) that use a custom httpd plugin are vulnerable to an authentication bypass allowing a remote, unauthenticated attacker to gain administrator access to the device by performing an administrator password change on the device via a crafted POST request.

Metrics

EPSS Probability

5.17%

91.4th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

Vendor	Product	Versions
Greenpacket	Ox350 Firmware	All versions
Huawei	Bm2022 Firmware	All versions
Huawei	Hes-309m Firmware	All versions
Huawei	Hes-319m Firmware	All versions
Huawei	Hes-319m2w Firmware	All versions
Huawei	Hes-339m Firmware	All versions
Mada	Soho Wireless Router Firmware	All versions
Zte	Ox-330p Firmware	All versions
Zyxel	Max218m Firmware	All versions
Zyxel	Max218m1w Firmware	All versions
Zyxel	Max218mw Firmware	All versions
Zyxel	Max308m Fimware	All versions
Zyxel	Max318m Firmware	All versions
Zyxel	Max338m Firmware	All versions

References

http://blog.sec-consult.com/2017/06/ghosts-from-past-authentication-bypass.htmlThird Party Advisory
http://www.kb.cert.org/vuls/id/350135Mitigation, Third Party Advisory, US Government Resource
https://sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20170607-0_Various_WiMAX_CPEs_Authentication_Bypass_v10.txtExploit, Third Party Advisory
http://blog.sec-consult.com/2017/06/ghosts-from-past-authentication-bypass.htmlThird Party Advisory
http://www.kb.cert.org/vuls/id/350135Mitigation, Third Party Advisory, US Government Resource
https://sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20170607-0_Various_WiMAX_CPEs_Authentication_Bypass_v10.txtExploit, Third Party Advisory

Timeline

Published: Jun 20, 2017
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2017-3216?

How severe is CVE-2017-3216?

Severity scoring for CVE-2017-3216 is pending analysis. The EPSS model estimates a 5.17% probability of exploitation in the next 30 days.

How do I fix CVE-2017-3216?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2017-3216?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST