CVE-2019-3410

Name of the Vulnerable Software and Affected Versions ZTE WF820+ LTE Outdoor CPE product versions prior to UKBB WF820+ 1.0.0B06

Description The issue stems from the fact that web applications do not adequately verify whether requests come from trusted users, allowing an attacker to exploit this and send unexpected requests to the server through the affected client.

Recommendations For versions prior to UKBB WF820+ 1.0.0B06, update to UKBB WF820+ 1.0.0B06 or later to resolve the issue. As a temporary workaround, consider restricting access to the web application to minimize the risk of exploitation.