Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Uniway UW-302VP Admin Web Interface wlan_basic_set.cgi cross-site request forgery
Vulnerability Description
A vulnerability was found in Uniway UW-302VP 2.0. It has been rated as problematic. This issue affects some unknown processing of the file /boaform/wlan_basic_set.cgi of the component Admin Web Interface. The manipulation of the argument wlanssid/password leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-248939. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Vulnerability Type
跨站请求伪造(CSRF)
Vulnerability Title
Uniway UW-302VP 跨站请求伪造漏洞
Vulnerability Description
Uniway UW-302VP是Uniway公司的一款用于网络生产的最新技术的光纤调制解调器。 Uniway UW-302VP 2.0版本存在跨站请求伪造漏洞,该漏洞源于/boaform/wlan_basic_set.cgi 中存在某些未知处理,通过参数 wlanssid/password 导致跨站请求伪造。
CVSS Information
N/A
Vulnerability Type
N/A