CNNVD-202512-4765 Information
CNNVD ID
CNNVD-202512-4765
Related CVE
- CNNVD Published: 2025-12-25
Description (Chinese)
TOZED ZLT M30S是中国通则康威(TOZED)公司的一款移动WiFi路由器。 TOZED ZLT M30S 1.47及之前版本存在访问控制错误漏洞,该漏洞源于对Web Management Interface组件文件/reqproc/proc_post中参数goformId的错误操作,可能导致信息泄露。
Description (English)
TOZED ZLT M30S is a mobile WiFi router of ToZED, a Chinese general rule. There is a bug in access control in TOZED ZLT M30S 1.47 and earlier versions, which stems from an error in the parameter goformId in the Web Management Interface component file/reqproc/proc post, which could lead to the disclosure of information.
Hazard Level
High
Vulnerability Type
访问控制错误
Affected Vendor
通则康威
Published
2025-12-25
Last Modified
2026-02-24
References
https://www.hacklab.eu.org/blogs/zlt_m30s_information_disclosure https://vuldb.com/?id.338410 https://vuldb.com/?submit.707306 https://vuldb.com/?ctiid.338410 https://youtu.be/u_H29UdiPOc https://access.redhat.com/security/cve/cve-2025-15082
Share on: