CVE-2019-3404

Published: Mar 4, 2020Modified: Jun 17, 2026

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

By adding some special fields to the uri ofrouter app function, the user could abuse background app cgi functions withoutauthentication. This affects 360 router P0 and F5C.

Affected (2)

Products: 360: P0 Router Firmware, F5c Router Firmware

360

2 products

P0 Router Firmware

F5c Router Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
360 P0 Router Firmware	Version 3.1.1.65150

Running on/with	Platform Versions
360 P0 Router	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
360 F5c Router Firmware	Version 3.1.1.65150

Running on/with	Platform Versions
360 F5c Router	All versions

References (2)

https://security.360.cn/News/news/id/218.html

Source: security@360.cn

Vendor Advisory

https://security.360.cn/News/news/id/218.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.