CVE-2021-47820

MEDIUM WAF: Low

CVSS 5.3 Published: 2026-01-16

CWE-352

Ubee EVW327 contains a cross-site request forgery vulnerability that allows attackers to enable remote access without user interaction. Attackers can craft a malicious webpage that automatically submits a form to change router remote access settings to port 8080 without the user's consent.

WAF Coverage Analysis

Cross-Site Request Forgery (CSRF) Low WAF Coverage

OWASP: A01:2021 Broken Access Control

References

www.exploit-db.com
www.ubeeinteractive.com
www.vulncheck.com

Back to CVE Database