### [CVE-2017-3216](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3216)
![](https://img.shields.io/static/v1?label=Product&message=BM2022&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=HES-309M&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=HES-319M&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=HES-319M2W&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=HES-339M&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=MAX218M&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=MAX218M1W&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=MAX218MW&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=MAX308M&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=MAX318M&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=MAX338M&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=OX-330P&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=OX350&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Soho%20Wireless%20Router&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-306&color=brighgreen)

### Description

WiMAX routers based on the MediaTek SDK (libmtk) that use a custom httpd plugin are vulnerable to an authentication bypass allowing a remote, unauthenticated attacker to gain administrator access to the device by performing an administrator password change on the device via a crafted POST request.

### POC

#### Reference
- http://www.kb.cert.org/vuls/id/350135

#### Github
No PoCs found on GitHub currently.