Referer Authentication Bypass Vulnerability in ZTE MF971R

Referer Authentication Bypass Vulnerability in ZTE MF971R

CVE-2021-21745 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

ZTE MF971R product has a Referer authentication bypass vulnerability. Without CSRF verification, an attackercould use this vulnerability to perform illegal authorization operations by sending a request to the user to click.

Learn more about our User Device Pen Test.