VYPR

360 Safe Router

by 360 Security Technology, Inc.

CVEs (2)

  • CVE-2018-19031HigNov 4, 2019
    risk 0.57cvss 8.8epss 0.02

    A command injection vulnerability exists when the authorized user passes crafted parameter to background process in the router. This affects 360 router series products (360 Safe Router P0,P1,P2,P3,P4), the affected version is V2.0.61.58897.

  • CVE-2019-3404HigMar 4, 2020
    risk 0.49cvss 7.5epss 0.01

    By adding some special fields to the uri ofrouter app function, the user could abuse background app cgi functions withoutauthentication. This affects 360 router P0 and F5C.