CVE-2021-21731

Summary

A CSRF vulnerability exists in the management page of a ZTE product.The vulnerability is caused because the management page does not fully verify whether the request comes from a trusted user. The attacker could submit a malicious request to the affected device to delete the data. This affects: ZXCLOUD iRAI All versions up to KVM-ProductV6.03.04

Affected Software

VendorProductVersion RangeStatus
n/aZXCLOUD iRAIAll versions up to KVM-ProductV6.03.04affected

Weaknesses

  • CSRF

ADP Enrichment

CVE Program Container

Additional References

References