eWON routers with firmware versions prior to 10.1s0* suffer from cross site request forgery, session management, RBAC control, and cross site scripting vulnerabilities.