Unauthenticated Abuse of Background App CGI Functions in 360 Router P0 and F5C

Unauthenticated Abuse of Background App CGI Functions in 360 Router P0 and F5C

CVE-2019-3404 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

By adding some special fields to the uri ofrouter app function, the user could abuse background app cgi functions withoutauthentication. This affects 360 router P0 and F5C.

Learn more about our Cis Benchmark Audit For F5.