Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zte vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2021-21732
A mobile phone of ZTE is impacted by improper access control vulnerability. Due to improper permission settings, third-party applications can read some files in the proc file system without authorization. Attackers could exploit this vulnerability to obtain sensitive information....
Zte Axon 11 5g Firmware
7.5
CVSSv3
CVE-2021-21727
A ZTE product has a DoS vulnerability. A remote attacker can amplify traffic by sending carefully constructed IPv6 packets to the affected devices, which eventually leads to device denial of service. This affects:<ZXHN F623><All versions up to V6.0.0P3T33>
Zte Zxhn F623 Firmware
7.5
CVSSv3
CVE-2021-21723
Some ZTE products have a DoS vulnerability. Due to the improper handling of memory release in some specific scenarios, a remote attacker can trigger the vulnerability by performing a series of operations, resulting in memory leak, which may eventually lead to device denial of ser...
Zte Zxr10 9904 Firmware
Zte Zxr10 9908 Firmware
Zte Zxr10 9916 Firmware
Zte Zxr10 9904-s Firmware
Zte Zxr10 9908-s Firmware
7.5
CVSSv3
CVE-2020-6881
ZTE E8810/E8820/E8822 series routers have an MQTT DoS vulnerability, which is caused by the failure of the device to verify the validity of abnormal messages. A remote attacker could connect to the MQTT server and send an MQTT exception message to the specified device, which will...
Zte Zxhn E8810 Firmware 1.0.26
Zte Zxhn E8810 Firmware 2.0.1
Zte Zxhn E8820 Firmware 1.1.3
Zte Zxhn E8820 Firmware 2.0.13
Zte Zxhn E8822 Firmware 2.0.13
7.5
CVSSv3
CVE-2020-6882
ZTE E8810/E8820/E8822 series routers have an information leak vulnerability, which is caused by hard-coded MQTT service access credentials on the device. The remote attacker could use this credential to connect to the MQTT server, so as to obtain information about other devices b...
Zte Zxhn E8810 Firmware 1.0.26
Zte Zxhn E8810 Firmware 2.0.1
Zte Zxhn E8820 Firmware 1.1.3
Zte Zxhn E8820 Firmware 2.0.13
Zte Zxhn E8822 Firmware 2.0.13
7.5
CVSSv3
CVE-2020-12695
The Open Connectivity Foundation UPnP specification prior to 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue.
Ui Unifi Controller -
W1.fi Hostapd
Asus Rt-n11 -
Broadcom Adsl -
Canon Selphy Cp1200 -
Cisco Wap150 -
Cisco Wap351 -
Cisco Wap131 -
Dlink Dvg-n5412sp -
Dell B1165nfw -
Epson Ew-m970a3t -
Epson Ep-101 -
Epson Xp-8500 -
Epson Xp-702 -
Epson Xp-340 -
Epson Xp-620 -
Epson Xp-320 -
Epson Xp-960 -
Epson Xp-2101 -
Epson Xp-330 -
Epson Xp-2105 -
Epson Xp-100 -
6 Github repositories
7.5
CVSSv3
CVE-2014-4019
ZTE ZXV10 W300 router with firmware W300V1.0.0a_ZRD_LK stores sensitive information under the web root with insufficient access control, which allows remote malicious users to read backup files via a direct request for rom-0.
Zte Zxv10 W300 Firmware W300v1.0.0a Zrd Lk
1 EDB exploit
7.5
CVSSv3
CVE-2019-3411
All versions up to BD_R218V2.4 of ZTE MF920 product are impacted by information leak vulnerability. Due to some interfaces can obtain the WebUI login password without login, an attacker can exploit the vulnerability to obtain sensitive information about the affected components.
Zte Mf920 Firmware
7.5
CVSSv3
CVE-2018-14990
The Coolpad Defiant device with a build fingerprint of Coolpad/cp3632a/cp3632a:7.1.1/NMF26F/099480857:user/release-keys, the ZTE ZMAX Pro with a build fingerprint of ZTE/P895T20/urd:6.0.1/MMB29M/20170418.114928:user/release-keys, and the T-Mobile Revvl Plus with a build fingerpri...
Coolpad Defiant Firmware -
T-mobile Revvl Plus Firmware -
T-mobile Zte Zmax Pro Firmware -
7.5
CVSSv3
CVE-2018-7356
All versions up to V3.03.10.B23P2 of ZTE ZXR10 8905E product are impacted by TCP Initial Sequence Number (ISN) reuse vulnerability, which can generate easily predictable ISN, and allows remote malicious users to spoof connections.
Zte Zxr10 8905e Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »