A CSRF vulnerability exists in the management page of a ZTE product.The vulnerability is caused because the management page does not fully verify whether the request comes from a trusted user. The attacker could submit a malicious request to the affected device to delete the data. This affects: ZXCLOUD iRAI All versions up to KVM-ProductV6.03.04
[
{
"product": "ZXCLOUD iRAI",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "All versions up to KVM-ProductV6.03.04"
}
]
}
]