CVE-2014-9027

2014-11-20T17:50:00
ID CVE-2014-9027
Type cve
Reporter cve@mitre.org
Modified 2017-09-08T01:29:00

Description

Multiple cross-site request forgery (CSRF) vulnerabilities in ZTE ZXDSL 831CII allow remote attackers to hijack the authentication of administrators for requests that disable modem lan ports via the (1) enblftp, (2) enblhttp, (3) enblsnmp, (4) enbltelnet, (5) enbltftp, (6) enblicmp, or (7) enblssh parameter to accesslocal.cmd.