Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zte zxhn f670 firmware vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2019-3417
All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by command injection vulnerability. Due to insufficient parameter validation check, an authorized user can exploit this vulnerability to take control of user router system.
Zte Zxhn F670 Firmware
9.8
CVSSv3
CVE-2018-7359
All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by heap-based buffer overflow vulnerability, which may allow an malicious user to execute arbitrary code.
Zte Zxhn F670 Firmware
6.5
CVSSv3
CVE-2018-7360
All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by information exposure vulnerability, which may allow an unauthenticated malicious user to get the GPON SN information via appviahttp service.
Zte Zxhn F670 Firmware
6.5
CVSSv3
CVE-2018-7361
All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by null pointer dereference vulnerability, which may allows an malicious user to cause a denial of service via appviahttp service.
Zte Zxhn F670 Firmware
8.8
CVSSv3
CVE-2018-7362
All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by improper access control vulnerability, which may allows an unauthorized user to perform unauthorized operations on the router.
Zte Zxhn F670 Firmware
8.8
CVSSv3
CVE-2018-7363
All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by improper authorization vulnerability. Since appviahttp service has no authorization delay, an attacker can be allowed to brute force account credentials.
Zte Zxhn F670 Firmware
5.4
CVSSv3
CVE-2019-3418
All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by cross-site scripting vulnerability (XSS). Due to incomplete input validation, an authorized user can exploit this vulnerability to execute malicious scripts.
Zte Zxhn F670 Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started