CVE-2019-3404

Description

By adding some special fields to the uri ofrouter app function, the user could abuse background app cgi functions withoutauthentication. This affects 360 router P0 and F5C.

Affected products

• 360 Security Technology, Inc. / 360 Router F5C360POP-F5C-V3.1.1.65150 – 360POP-F5C-V3.1.1.65150

References

• MISChttps://security.360.cn/News/news/id/218.html