Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zte vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2022-39072
There is a SQL injection vulnerability in Some ZTE Mobile Internet products. Due to insufficient validation of the input parameters of the SNTP interface, an authenticated attacker could use the vulnerability to execute stored XSS attacks.
Zte Mf286r Firmware Nordic Mf286r B06
Zte Mf289d Firmware Cr Tmoczmf289dv1.0.0b07
9.8
CVSSv3
CVE-2022-39073
There is a command injection vulnerability in ZTE MF286R, Due to insufficient validation of the input parameters, an attacker could use the vulnerability to execute arbitrary commands.
Zte Mf286r Firmware Nordic Mf286r B06
1 Github repository
7.5
CVSSv3
CVE-2022-45957
ZTE ZXHN-H108NS router with firmware version H108NSV1.0.7u_ZRD_GR2_A68 is vulnerable to remote stack buffer overflow.
Zte Zxhn-h108ns Firmware H108nsv1.0.7u Zrd Gr2 A68
6.5
CVSSv3
CVE-2022-23143
ZTE OTCP product is impacted by a permission and access control vulnerability. Due to improper permission settings, an attacker with high permissions could use this vulnerability to maliciously delete and modify files.
Zte Otcp Firmware
8.8
CVSSv3
CVE-2022-39066
There is a SQL injection vulnerability in ZTE MF286R. Due to insufficient validation of the input parameters of the phonebook interface, an authenticated attacker could use the vulnerability to execute arbitrary SQL injection.
Zte Mf286r Firmware
1 Github repository
6.5
CVSSv3
CVE-2022-39067
There is a buffer overflow vulnerability in ZTE MF286R. Due to lack of input validation on parameters of the wifi interface, an authenticated attacker could use the vulnerability to perform a denial of service attack.
Zte Mf286r Firmware
9.8
CVSSv3
CVE-2022-39070
There is an access control vulnerability in some ZTE PON OLT products. Due to improper access control settings, remote attackers could use the vulnerability to log in to the device and execute any operation.
Zte Zxa10 C350m Firmware
Zte Zxa10 C300m Firmware
5.3
CVSSv3
CVE-2022-39069
There is a SQL injection vulnerability in ZTE ZAIP-AIE. Due to lack of input verification by the server, an attacker could trigger an attack by building malicious requests. Exploitation of this vulnerability could cause the leakage of the current table content.
Zte Zaip-aie
9.1
CVSSv3
CVE-2022-23144
There is a broken access control vulnerability in ZTE ZXvSTB product. Due to improper permission control, attackers could use this vulnerability to delete the default application type, which affects normal use of system.
Zte Zxa10 B76hv3 Firmware
Zte Zxa10 B766v2 Firmware
Zte Zxa10 B800v2 Firmware
Zte Zxa10 B860av2.1 Firmware
Zte Zxa10 B860h Firmware
Zte Zxa10 B866v2-h Firmware
Zte Zxa10 B866v5-w10 Firmware
Zte Zxa10 B960gv1 Firmware
Zte Zxa10 B710c-a12 Firmware
Zte Zxa10 B710s2-a19 Firmware
Zte Zxa10 B836ct-a15 Firmware
Zte Zxa10 S100v Firmware
Zte Zxa10 S200a Firmware
Zte Zxa10 S200t Firmware
Zte Zxa10 B700v7 Firmware
5.3
CVSSv3
CVE-2022-23142
ZXEN CG200 has a DoS vulnerability. An attacker could construct and send a large number of HTTP GET requests in a short time, which can make the product management websites not accessible.
Zte Zxen Cg200 Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »