Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zte vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-39073
There is a command injection vulnerability in ZTE MF286R, Due to insufficient validation of the input parameters, an attacker could use the vulnerability to execute arbitrary commands.
Zte Mf286r Firmware Nordic Mf286r B06
1 Github repository
7.5
CVSSv3
CVE-2022-45957
ZTE ZXHN-H108NS router with firmware version H108NSV1.0.7u_ZRD_GR2_A68 is vulnerable to remote stack buffer overflow.
Zte Zxhn-h108ns Firmware H108nsv1.0.7u Zrd Gr2 A68
6.5
CVSSv3
CVE-2022-23143
ZTE OTCP product is impacted by a permission and access control vulnerability. Due to improper permission settings, an attacker with high permissions could use this vulnerability to maliciously delete and modify files.
Zte Otcp Firmware
8.8
CVSSv3
CVE-2022-39066
There is a SQL injection vulnerability in ZTE MF286R. Due to insufficient validation of the input parameters of the phonebook interface, an authenticated attacker could use the vulnerability to execute arbitrary SQL injection.
Zte Mf286r Firmware
1 Github repository
6.5
CVSSv3
CVE-2022-39067
There is a buffer overflow vulnerability in ZTE MF286R. Due to lack of input validation on parameters of the wifi interface, an authenticated attacker could use the vulnerability to perform a denial of service attack.
Zte Mf286r Firmware
9.8
CVSSv3
CVE-2022-39070
There is an access control vulnerability in some ZTE PON OLT products. Due to improper access control settings, remote attackers could use the vulnerability to log in to the device and execute any operation.
Zte Zxa10 C350m Firmware
Zte Zxa10 C300m Firmware
5.3
CVSSv3
CVE-2022-39069
There is a SQL injection vulnerability in ZTE ZAIP-AIE. Due to lack of input verification by the server, an attacker could trigger an attack by building malicious requests. Exploitation of this vulnerability could cause the leakage of the current table content.
Zte Zaip-aie
9.1
CVSSv3
CVE-2022-23144
There is a broken access control vulnerability in ZTE ZXvSTB product. Due to improper permission control, attackers could use this vulnerability to delete the default application type, which affects normal use of system.
Zte Zxa10 B76hv3 Firmware
Zte Zxa10 B766v2 Firmware
Zte Zxa10 B800v2 Firmware
Zte Zxa10 B860av2.1 Firmware
Zte Zxa10 B860h Firmware
Zte Zxa10 B866v2-h Firmware
Zte Zxa10 B866v5-w10 Firmware
Zte Zxa10 B960gv1 Firmware
Zte Zxa10 B710c-a12 Firmware
Zte Zxa10 B710s2-a19 Firmware
Zte Zxa10 B836ct-a15 Firmware
Zte Zxa10 S100v Firmware
Zte Zxa10 S200a Firmware
Zte Zxa10 S200t Firmware
Zte Zxa10 B700v7 Firmware
5.3
CVSSv3
CVE-2022-23142
ZXEN CG200 has a DoS vulnerability. An attacker could construct and send a large number of HTTP GET requests in a short time, which can make the product management websites not accessible.
Zte Zxen Cg200 Firmware
7.5
CVSSv3
CVE-2022-23141
ZXMP M721 has an information leak vulnerability. Since the serial port authentication on the ZBOOT interface is not effective although it is enabled, an attacker could use this vulnerability to log in to the device to obtain sensitive information.
Zte Zxmp M721 Firmware Commond21bootv100004 Ls1045
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22460
CVE-2024-4646
CVE-2024-29212
IMAP
CVE-2023-36672
CVE-2024-34547
command injection
CVE-2024-4651
stored XSS
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »