CVE-2021-31584

Description

Sipwise C5 NGCP www_admin version 3.6.7 allows call/click2dial CSRF attacks for actions with administrative privileges.

References

http://packetstormsecurity.com/files/162318/Sipwise-C5-NGCP-CSC-Cross-Site-Request-Forgery.html

ExploitThird Party AdvisoryVDB Entry

https://www.zeroscience.mk/en/vulnerabilities

ExploitThird Party Advisory

https://www.sipwise.com

Product

https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5649.php

Third Party Advisory

CvssV3 impact

CvssV2 impact