Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zte vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2023-25650
There is an arbitrary file download vulnerability in ZXCLOUD iRAI. Since the backend does not escape special strings or restrict paths, an attacker with user permission could access the download interface by modifying the request parameter, causing arbitrary file downloads.
Zte Zxcloud Irai Firmware
6.5
CVSSv3
CVE-2022-23143
ZTE OTCP product is impacted by a permission and access control vulnerability. Due to improper permission settings, an attacker with high permissions could use this vulnerability to maliciously delete and modify files.
Zte Otcp Firmware
6.5
CVSSv3
CVE-2022-39067
There is a buffer overflow vulnerability in ZTE MF286R. Due to lack of input validation on parameters of the wifi interface, an authenticated attacker could use the vulnerability to perform a denial of service attack.
Zte Mf286r Firmware
6.5
CVSSv3
CVE-2022-23135
There is a directory traversal vulnerability in some home gateway products of ZTE. Due to the lack of verification of user modified destination path, an attacker with specific permissions could modify the FTP access path to access and modify the system path contents without autho...
Zte Zxhn F677 Firmware
Zte Zxhn F477 Firmware
6.5
CVSSv3
CVE-2021-21735
A ZTE product has an information leak vulnerability. Due to improper permission settings, an attacker with ordinary user permissions could exploit this vulnerability to obtain some sensitive user information through the wizard page without authentication. This affects ZXHN H168N ...
Zte Zxhn H168n Firmware
6.5
CVSSv3
CVE-2021-21734
Some PON MDU devices of ZTE stored sensitive information in plaintext, and users with login authority can obtain it by inputing command. This affects: ZTE PON MDU device ZXA10 F821 V1.7.0P3T22, ZXA10 F822 V1.4.3T6, ZXA10 F819 V1.2.1T5, ZXA10 F832 V1.1.1T7, ZXA10 F839 V1.1.0T8, ZX...
Zte Zxa10 F821 Firmware 1.7.0p3t22
Zte Zxa10 F822 Firmware 1.4.3t6
Zte Zxa10 F819 Firmware 1.2.1t5
Zte Zxa10 F832 Firmware 1.1.1t7
Zte Zxa10 F839 Firmware 1.1.0t8
Zte Zxa10 F809 Firmware 3.2.1t1
Zte Zxa10 F822p Firmware 1.1.1t7
Zte Zxa10 F832v2 Firmware 2.00.00.01
6.5
CVSSv3
CVE-2021-21729
Some ZTE products have CSRF vulnerability. Because some pages lack CSRF random value verification, attackers could perform illegal authorization operations by constructing messages.This affects: ZXHN H168N V3.5.0_EG1T5_TE, V2.5.5, ZXHN H108N V2.5.5_BTMT1
Zte Zxhn H168n Firmware 3.5.0 Eg1t5 Te
Zte Zxhn H108n Firmware 2.5.5 Btmt1
6.5
CVSSv3
CVE-2020-6868
There is an input validation vulnerability in a PON terminal product of ZTE, which supports the creation of WAN connections through WEB management pages. The front-end limits the length of the WAN connection name that is created, but the HTTP proxy is available to be used to bypa...
Zte F680 Firmware Zxhn F680v9.0.10p1n6
6.5
CVSSv3
CVE-2020-6865
ZTE SDN controller platform is impacted by an information leakage vulnerability. Due to the program's failure to optimize the response of failure to the request, the caller can directly view the internal error code location of the component. Attackers could exploit this vuln...
Zte Oscp 16.19.10
Zte Oscp 16.19.20
6.5
CVSSv3
CVE-2020-6863
ZTE E8820V3 router product is impacted by a permission and access control vulnerability. Attackers could use this vulnerability to tamper with DDNS parameters and send DoS attacks on the specified URL.
Zte E8820v3 Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »