← back
CVE-2021-21731

CVE-2021-21731

EPSS 0.4%
A CSRF vulnerability exists in the management page of a ZTE product.The vulnerability is caused because the management page does not fully verify whether the request comes from a trusted user. The attacker could submit a malicious request to the affected device to delete the data. This affects: ZXCLOUD iRAI All versions up to KVM-ProductV6.03.04
Affected products
n/a · ZXCLOUD iRAI

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1014824