CVE-2021-21745

Summary

ZTE MF971R product has a Referer authentication bypass vulnerability. Without CSRF verification, an attackercould use this vulnerability to perform illegal authorization operations by sending a request to the user to click.

Affected Software

VendorProductVersion RangeStatus
n/aMF971RBD_ZTE_MF971RV1.0.0B05, BD_PLKPLMF971R1V1.0.0B06, BD_MF971R2V1.0.0B03, BD_ZTE_MF971RS2V1.0.0B03, BD_ZTE_MF971RSV1.0.0B05affected

Weaknesses

  • Referer authentication bypass

ADP Enrichment

CVE Program Container

Additional References

References