Cross site request forgery (csrf)

A CSRF vulnerability exists in the management page of a ZTE product.The vulnerability is caused because the management page does not fully verify whether the request comes from a trusted user. The attacker could submit a malicious request to the affected device to delete the data. This affects:...

PT-2021-14742 · Zxcloud · Zxcloud Irai

Name of the Vulnerable Software and Affected Versions: ZXCLOUD iRAI versions prior to KVM-ProductV6.03.04 Description: A CSRF issue exists in the management page of the product due to insufficient verification of request origins, allowing an attacker to submit malicious requests and potentially...