PT-2016-2696 · Vesp · Vesp211-Eu+1

Maxim Rupp · Published 2016-02-21 · Updated 2016-03-10 · CVE-2016-2275

CVSS v2.0

10 (Critical)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

VESP211-EU devices version 1.7.2
VESP211-232 devices versions 1.5.1 through 1.7.2

Description

The web interface of the affected devices relies on client-side access control. This allows remote attackers to perform administrative actions by modifying JavaScript code.

Recommendations

For VESP211-EU devices version 1.7.2, consider disabling the web interface until a patch is available. For VESP211-232 devices versions 1.5.1 through 1.7.2, restrict access to the web interface to minimize the risk of exploitation.

Fix

Weakness Enumeration

Improper Access Control

Related Identifiers

BDU:2016-02088
CVE-2016-2275

Affected Products

Vesp211-232
Vesp211-Eu