Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zte zxv10 w300 - vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-4154
ZTE ZXV10 W300 router with firmware W300V1.0.0a_ZRD_LK stores sensitive information under the web root with insufficient access control, which allows remote malicious users to obtain the PPPoE/PPPoA password via a direct request for basic/tc2wanfun.js.
Zte Zxv10 W300 Firmware 1.0.0a Zrd Lk
Zte Zxv10 W300 -
1 EDB exploit
NA
CVE-2014-4155
Cross-site request forgery (CSRF) vulnerability in the ZTE ZXV10 W300 router with firmware W300V1.0.0a_ZRD_LK allows remote malicious users to hijack the authentication of administrators for requests that change the admin password via a request to Forms/tools_admin_1.
Zte Zxv10 W300 Firmware 1.0.0a Zrd Lk
Zte Zxv10 W300 -
1 EDB exploit
NA
CVE-2014-4018
The ZTE ZXV10 W300 router with firmware W300V1.0.0a_ZRD_LK has a default password of admin for the admin account, which makes it easier for remote malicious users to obtain access via unspecified vectors.
Zte Zxv10 W300 Firmware 1.0.0a Zrd Lk
Zte Zxv10 W300 -
1 EDB exploit
7.5
CVSSv3
CVE-2015-7257
ZTE ADSL ZXV10 W300 modems W300V2.1.0f_ER7_PE_O57 and W300V2.1.0h_ER7_PE_O57 allow remote authenticated non-administrator users to change the admin password by intercepting an outgoing password change request, and changing the username parameter from "support" to "...
Zte Zxv10 W300 Firmware W300v2.1.0f Er7 Pe O57
Zte Zxv10 W300 Firmware W300v2.1.0h Er7 Pe O57
1 EDB exploit
8.8
CVSSv3
CVE-2015-7259
ZTE ADSL ZXV10 W300 modems W300V2.1.0f_ER7_PE_O57 and W300V2.1.0h_ER7_PE_O57 allow user accounts to have multiple valid username and password pairs, which allows remote authenticated users to login to a target account via any of its username and password pairs.
Zte Zxv10 W300 Firmware W300v2.1.0f Er7 Pe O57
Zte Zxv10 W300 Firmware W300v2.1.0h Er7 Pe O57
1 EDB exploit
8.8
CVSSv3
CVE-2015-7258
ZTE ADSL ZXV10 W300 modems W300V2.1.0f_ER7_PE_O57 and W300V2.1.0h_ER7_PE_O57 allow remote authenticated users to obtain user passwords by displaying user information in a Telnet connection.
Zte Zxv10 W300 Firmware W300v2.1.0f Er7 Pe O57
Zte Zxv10 W300 Firmware W300v2.1.0h Er7 Pe O57
1 EDB exploit
NA
CVE-2014-0329
The TELNET service on the ZTE ZXV10 W300 router 2.1.0 has a hardcoded password ending with airocon for the admin account, which allows remote malicious users to obtain administrative access by leveraging knowledge of the MAC address characters present at the beginning of the pass...
Zte Zxv10 W300 2.1.0
1 EDB exploit
6.5
CVSSv3
CVE-2015-8703
ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE and ZXV10 W300 devices W300V1.0.0f_ER1_PE allow remote authenticated users to bypass intended access restrictions, and discover credentials and keys, by reading the configuration file, a different vulnerability than CVE-...
Zte Zxhn H108n R1a Firmware
Zte Zxv10 W300 Firmware
1 EDB exploit
7.5
CVSSv3
CVE-2014-4019
ZTE ZXV10 W300 router with firmware W300V1.0.0a_ZRD_LK stores sensitive information under the web root with insufficient access control, which allows remote malicious users to read backup files via a direct request for rom-0.
Zte Zxv10 W300 Firmware W300v1.0.0a Zrd Lk
1 EDB exploit
7.5
CVSSv3
CVE-2015-7248
ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE allow remote malicious users to discover usernames and password hashes by reading the cgi-bin/webproc HTML source code, a different vulnerability than CVE-2015-8703.
Zte Zxhn H108n R1a Firmware
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »