Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zte vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-4154
ZTE ZXV10 W300 router with firmware W300V1.0.0a_ZRD_LK stores sensitive information under the web root with insufficient access control, which allows remote malicious users to obtain the PPPoE/PPPoA password via a direct request for basic/tc2wanfun.js.
Zte Zxv10 W300 Firmware 1.0.0a Zrd Lk
Zte Zxv10 W300 -
1 EDB exploit
NA
CVE-2014-4155
Cross-site request forgery (CSRF) vulnerability in the ZTE ZXV10 W300 router with firmware W300V1.0.0a_ZRD_LK allows remote malicious users to hijack the authentication of administrators for requests that change the admin password via a request to Forms/tools_admin_1.
Zte Zxv10 W300 Firmware 1.0.0a Zrd Lk
Zte Zxv10 W300 -
1 EDB exploit
7.2
CVSSv3
CVE-2018-7365
All versions up to ZXCLOUD iRAI V5.01.05 of the ZTE uSmartView product are impacted by untrusted search path vulnerability, which may allow an unauthorized user to perform unauthorized operations.
Zte Zxcloud Irai
Zte Usmartview -
2.3
CVSSv3
CVE-2021-21726
Some ZTE products have an input verification vulnerability in the diagnostic function interface. Due to insufficient verification of some parameters input by users, an attacker with high privileges can cause process exception by repeatedly inputting illegal parameters. This affec...
Zte Zxone 9700 Firmware 1.40.021.021cp049
Zte Zxone 8700 Firmware 1.40.021.021cp049
Zte Zxone 19700 Firmware 1.0p02b219 \\@ncpm-release 2.40r1-20200914.set
NA
CVE-2014-9020
Cross-site scripting (XSS) vulnerability in the Quick Stats page (psilan.cgi) in ZTE ZXDSL 831 and 831CII allows remote malicious users to inject arbitrary web script or HTML via the domainname parameter in a save action. NOTE: this issue was SPLIT from CVE-2014-9021 per ADT1 due...
Zte Zxdsl 831cii -
Zte Zxdsl 831 -
7.2
CVSSv3
CVE-2021-21736
A smart camera product of ZTE is impacted by a permission and access control vulnerability. Due to the defect of user permission management by the cloud-end app, users whose sharing permissions have been revoked can still control the camera, such as restarting the camera, restori...
Zte Zxhn Hs562 Firmware 1.0.0.0b2.0000
Zte Zxhn Hs562 Firmware 1.0.0.0b3.0000
7.5
CVSSv3
CVE-2021-21737
A smart STB product of ZTE is impacted by a permission and access control vulnerability. Due to insufficient protection of system application, attackers could use this vulnerability to tamper with the system desktop and affect system customization functions. This affects: ZXV10 B...
Zte Zxv10 B860h V5.0 Firmware V83011303.0010
Zte Zxv10 B860h V5.0 Firmware V83011303.0016
6.5
CVSSv3
CVE-2020-6865
ZTE SDN controller platform is impacted by an information leakage vulnerability. Due to the program's failure to optimize the response of failure to the request, the caller can directly view the internal error code location of the component. Attackers could exploit this vuln...
Zte Oscp 16.19.10
Zte Oscp 16.19.20
3.5
CVSSv3
CVE-2020-6879
Some ZTE devices have input verification vulnerabilities. The devices support configuring a static prefix through the web management page. The restriction of the front-end code can be bypassed by constructing a POST request message and sending the request to the creation of a sta...
Zte Zxhn Z500 Firmware V1.0.0.2b1.1000
Zte Zxhn F670l Firmware V1.1.10p1n2e
6.1
CVSSv3
CVE-2023-41781
There is a Cross-site scripting (XSS) vulnerability in ZTE MF258. Due to insufficient input validation of SMS interface parameter, an XSS attack will be triggered.
Zte Mf258 Firmware Zte Std V1.0.0b08
Zte Mf258 Firmware Zte Std V1.0.0b10
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »