Description
Unibox SMB 2.4 and UniBox Enterprise Series 2.4 and UniBox Campus Series 2.4 contain a cross-site request forgery (CSRF) vulnerability in /tools/network-trace, /list_users, /list_byod?usertype=raduser, /dhcp_leases, /go?rid=202 in which a specially crafted HTTP request may reconfigure the device.
Published: 2021-04-09
Score: 8.8 High
EPSS: 1.1% Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

No analysis available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2020-14650 Unibox SMB 2.4 and UniBox Enterprise Series 2.4 and UniBox Campus Series 2.4 contain a cross-site request forgery (CSRF) vulnerability in /tools/network-trace, /list_users, /list_byod?usertype=raduser, /dhcp_leases, /go?rid=202 in which a specially crafted HTTP request may reconfigure the device.
History

Sun, 05 Jul 2026 00:00:00 +0000


Subscriptions

Indionetworks Unibox U1000 Unibox U1000 Firmware Unibox U2500 Unibox U2500 Firmware Unibox U50 Unibox U500 Unibox U5000 Unibox U5000 Firmware Unibox U500 Firmware Unibox U50 Firmware
cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-07-09T00:10:33.764Z

Reserved: 2020-08-13T00:00:00.000Z

Link: CVE-2020-21884

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-04-09T13:15:13.020

Modified: 2026-06-17T03:03:59.340

Link: CVE-2020-21884

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses
  • CWE-352

    Cross-Site Request Forgery (CSRF)