eWON devices with firmware through 10.1s0 support unspecified GET requests, which might allow remote attackers to obtain sensitive information by reading (1) web-server access logs, (2) web-server Referer logs, or (3) the browser history.
eWON routers with firmware versions prior to 10.1s0* suffer from cross site request forgery, session management, RBAC control, and cross site scripting vulnerabilities.