MEDIUM🇬🇧 English

CVE-2023-7092

CVSS 4.3v3.1pub. 2023-12-24upd. 2024-11-21

A vulnerability was found in Uniway UW-302VP 2.0. It has been rated as problematic. This issue affects some unknown processing of the file /boaform/wlan_basic_set.cgi of the component Admin Web Interface. The manipulation of the argument wlanssid/password leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-248939. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
  • Uniwayinfo Uw 302vp

    HW
    Uniwayinfo
    wszystkie wersje
  • Uniwayinfo Uw 302vp Firmware

    OS
    Uniwayinfo
    2.0
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2023-7209HIGH7.5ten sam produkt

A vulnerability was found in Uniway Router up to 2.0. It has been rated as critical. Affected by this issue is...

CVE-2023-7211MEDIUM5.6ten sam produkt

A vulnerability was found in Uniway Router 2.0. It has been declared as critical. This vulnerability affects u...