CVE-2023-7211

Name of the Vulnerable Software and Affected Versions Uniway Router version 2.0

Description A critical vulnerability was found in the Administrative Web Interface component of the Uniway Router. The issue leads to reliance on IP address for authentication, allowing for remote attacks. The complexity of an attack is rather high, and the exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Recommendations For Uniway Router version 2.0, consider restricting access to the Administrative Web Interface to minimize the risk of exploitation until a patch is available. As a temporary workaround, limit the reliance on IP address for authentication. At the moment, there is no information about a newer version that contains a fix for this vulnerability.