Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Incorrect Access Control in Comfast router CF-WR6110N V2.3.1 allows a remote attacker on the same network to perform any HTTP request to an unauthenticated page to force the server to generate a SESSION_ID, and using this SESSION_ID an attacker can then perform authenticated requests.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
COMFAST CF-WR6110N 授权问题漏洞
Vulnerability Description
COMFAST CF-WR6110N是中国四海众联(COMFAST)公司的一款无线路由器。 COMFAST CF-WR6110N V2.3.1版本存在安全漏洞,该漏洞源于不正确的访问控制,允许同一网络上的远程攻击者对未经身份验证的页面执行任何HTTP请求,以强制服务器生成 SESSION_ID,然后攻击者可以使用此SESSION_ID执行经过身份验证的请求。
CVSS Information
N/A
Vulnerability Type
N/A