VYPR

N300 Rounter

by U Speed

CVEs (1)

  • CVE-2026-36960HigApr 30, 2026
    risk 0.57cvss 8.8epss 0.00

    A Cross-Site Request Forgery (CSRF) vulnerability exists in the web management interface of the U-SPEED N300 Rounter V1.0.0. The device does not implement CSRF protection mechanisms such as anti-CSRF tokens or strict Origin/Referer validation for administrative API endpoints. An…