Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A missing authentication mechanism in the web management API components of Shenzhen Zhibotong Electronics ZBT WE2001 23.09.27 allows unauthenticated attackers on the local network to modify router and network configurations. By invoking operations whose names end with "*_nocommit" and supplying the parameters expected by the invoked function, an attacker can change configuration data, including SSID, Wi-Fi credentials, and administrative passwords, without authentication or an existing session.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
ZBT WE2001 安全漏洞
Vulnerability Description
ZBT WE2001是中国智博通(ZBT)公司的一个无线路由器。 ZBT WE2001 23.09.27版本存在安全漏洞,该漏洞源于Web管理API组件缺少身份验证机制,可能导致本地网络上的未经身份验证的攻击者修改路由器和网络配置。
CVSS Information
N/A
Vulnerability Type
N/A