CVE-2017-14335

On Beijing Hanbang Hanbanggaoke devices, because user-controlled input is not sufficiently sanitized, sending a PUT request to /ISAPI/Security/users/1 allows an admin password change. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt