Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zte vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2015-7259
ZTE ADSL ZXV10 W300 modems W300V2.1.0f_ER7_PE_O57 and W300V2.1.0h_ER7_PE_O57 allow user accounts to have multiple valid username and password pairs, which allows remote authenticated users to login to a target account via any of its username and password pairs.
Zte Zxv10 W300 Firmware W300v2.1.0f Er7 Pe O57
Zte Zxv10 W300 Firmware W300v2.1.0h Er7 Pe O57
1 EDB exploit
5.5
CVSSv3
CVE-2020-6867
ZTE's SDON controller is impacted by the resource management error vulnerability. When RPC is frequently called by other applications in the case of mass traffic data in the system, it will result in no response for a long time and memory overflow risk. This affects: ZENIC O...
Zte Zenic One R22b 6.19.10p02sp005
Zte Zenic One R22b 16.19.10p02sp002
7.5
CVSSv3
CVE-2017-10933
All versions prior to V2.06.00.00 of ZTE ZXDT22 SF01, an monitoring system of ZTE energy product, are impacted by directory traversal vulnerability that allows remote malicious users to read arbitrary files on the system via a full path name after host address.
Zte Zxdt22 Sf01 Firmware
7.5
CVSSv3
CVE-2015-7248
ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE allow remote malicious users to discover usernames and password hashes by reading the cgi-bin/webproc HTML source code, a different vulnerability than CVE-2015-8703.
Zte Zxhn H108n R1a Firmware
1 EDB exploit
4.9
CVSSv3
CVE-2015-7249
ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE allow remote authenticated users to bypass intended access restrictions via a modified request, as demonstrated by leveraging the support account to change a password via a cgi-bin/webproc accountpsd action.
Zte Zxhn H108n R1a Firmware
1 EDB exploit
7.5
CVSSv3
CVE-2015-7250
Absolute path traversal vulnerability in cgi-bin/webproc on ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE allows remote malicious users to read arbitrary files via a full pathname in the getpage parameter.
Zte Zxhn H108n R1a Firmware
1 EDB exploit
9.8
CVSSv3
CVE-2015-7251
ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE have a hardcoded password of root for the root account, which allows remote malicious users to obtain administrative access via a TELNET session.
Zte Zxhn H108n R1a Firmware
1 EDB exploit
6.1
CVSSv3
CVE-2015-7252
Cross-site scripting (XSS) vulnerability in cgi-bin/webproc on ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE allows remote malicious users to inject arbitrary web script or HTML via the errorpage parameter.
Zte Zxhn H108n R1a Firmware
1 EDB exploit
4.4
CVSSv3
CVE-2021-21724
A ZTE product has a memory leak vulnerability. Due to the product's improper handling of memory release in certain scenarios, a local attacker with device permissions repeatedly attenuated the optical signal to cause memory leak and abnormal service. This affects: ZXR10 8900...
Zte Zxr10 8900e Firmware
7.5
CVSSv3
CVE-2021-21727
A ZTE product has a DoS vulnerability. A remote attacker can amplify traffic by sending carefully constructed IPv6 packets to the affected devices, which eventually leads to device denial of service. This affects:<ZXHN F623><All versions up to V6.0.0P3T33>
Zte Zxhn F623 Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »