CVE-2021-47820 MEDIUM

CVE-2021-47820: Ubee EVW327 - 'Enable Remote Access' Cross-Site Request Forgery (CSRF)

Vendor Ubeeinteractive
Product Ubee EVW327
Weakness CWE-352 · CSRF
Published January 16, 2026
Last update January 16, 2026

CVSS base score

5.1/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

What the vulnerability does

01Description

Ubee EVW327 contains a cross-site request forgery vulnerability that allows attackers to enable remote access without user interaction. Attackers can craft a malicious webpage that automatically submits a form to change router remote access settings to port 8080 without the user's consent.

Key dates

02Disclosure timeline

January 16, 2026 CVE published
January 16, 2026 Record updated

Related vulnerabilities

04Related CVE