1. Home
  2. CVE Database
  3. CVE-2019-3410
MEDIUM · 4.6

CVE-2019-3410

All versions up to UKBB_WF820+_1.0.0B06 of ZTE WF820+ LTE Outdoor CPE product are impacted by Cross-Site Request Forgery vulnerability,which stems from the fact that WEB applications do not adequately...

Vulnerability Description

All versions up to UKBB_WF820+_1.0.0B06 of ZTE WF820+ LTE Outdoor CPE product are impacted by Cross-Site Request Forgery vulnerability,which stems from the fact that WEB applications do not adequately verify whether requests come from trusted users. An attacker can exploit this vulnerability to send unexpected requests to the server through the affected client.

CVSS Score

4.6

MEDIUM

CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality
NONE
Integrity
LOW
Availability
LOW

Affected Products

VendorProductVersions
ZteWf820\+ Lte Outdoor Cpe Firmware< 1.0.0b06
ZteWf820\+ Lte Outdoor Cpe-

Related Weaknesses (CWE)

CWE-352

References

FAQ

What is CVE-2019-3410?

CVE-2019-3410 is a vulnerability with a CVSS score of 4.6 (MEDIUM). All versions up to UKBB_WF820+_1.0.0B06 of ZTE WF820+ LTE Outdoor CPE product are impacted by Cross-Site Request Forgery vulnerability,which stems from the fact that WEB applications do not adequately...

How severe is CVE-2019-3410?

CVE-2019-3410 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2019-3410?

Check the references section above for vendor advisories and patch information. Affected products include: Zte Wf820\+ Lte Outdoor Cpe Firmware, Zte Wf820\+ Lte Outdoor Cpe.