CVE-2019-3410

Summary

All versions up to UKBB_WF820+_1.0.0B06 of ZTE WF820+ LTE Outdoor CPE product are impacted by Cross-Site Request Forgery vulnerability,which stems from the fact that WEB applications do not adequately verify whether requests come from trusted users. An attacker can exploit this vulnerability to send unexpected requests to the server through the affected client.

Affected Software

VendorProductVersion RangeStatus
ZTEZTE WF820+ LTE Outdoor CPEunspecified <= UKBB_WF820+_1.0.0B06affected

Weaknesses

  • Command Injection

ADP Enrichment

CVE Program Container

Additional References

References