Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A lack of session validation in the web API component of Shenzhen Zhibotong Electronics ZBT WE2001 23.09.27 allows remote unauthenticated attackers to access administrative information-retrieval functions intended for authenticated users. By invoking "get_*" operations, attackers can obtain device configuration data, including plaintext credentials, without authentication or an existing session.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
ZBT WE2001 安全漏洞
Vulnerability Description
ZBT WE2001是中国智博通(ZBT)公司的一个无线路由器。 ZBT WE2001 23.09.27版本存在安全漏洞,该漏洞源于Web API组件缺少会话验证,可能导致未经身份验证的远程攻击者获取设备配置数据。
CVSS Information
N/A
Vulnerability Type
N/A