Vulnerabilities > ZTE > Wf820 LTE Outdoor CPE Firmware > High

DATE CVE VULNERABILITY TITLE RISK
2019-06-11 CVE-2019-3410 Cross-Site Request Forgery (CSRF) vulnerability in ZTE Wf820+ LTE Outdoor CPE Firmware
All versions up to UKBB_WF820+_1.0.0B06 of ZTE WF820+ LTE Outdoor CPE product are impacted by Cross-Site Request Forgery vulnerability,which stems from the fact that WEB applications do not adequately verify whether requests come from trusted users.
network
low complexity
zte CWE-352
8.8
2019-06-11 CVE-2019-3409 OS Command Injection vulnerability in ZTE Wf820+ LTE Outdoor CPE Firmware
All versions up to UKBB_WF820+_1.0.0B06 of ZTE WF820+ LTE Outdoor CPE product are impacted by command injection vulnerability.
network
low complexity
zte CWE-78
8.8