CVE-2019-6279

Name of the Vulnerable Software and Affected Versions ChinaMobile PLC Wireless Router GPN2.4P21-C-CN version W2001EN-00

Description The issue is related to an Incorrect Access Control problem. It can be exploited via the "cgi-bin/webproc?getpage=html/index.html&subpage=wlsecurity" URI, allowing an attacker to change the Wireless Security Password.

Recommendations For ChinaMobile PLC Wireless Router GPN2.4P21-C-CN version W2001EN-00, as a temporary workaround, consider restricting access to the "cgi-bin/webproc?getpage=html/index.html&subpage=wlsecurity" URI until a patch is available. Avoid using this URI in the affected device until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.