Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zte vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2014-9019
Multiple cross-site request forgery (CSRF) vulnerabilities in ZTE ZXDSL 831CII allow remote malicious users to hijack the authentication of administrators for requests that (1) change the admin user name or (2) conduct cross-site scripting (XSS) attacks via the sysUserName parame...
Zte Zxdsl 831cii
605
VMScore
CVE-2011-2716
The DHCP client (udhcpc) in BusyBox prior to 1.20.0 allows remote DHCP servers to execute arbitrary commands via shell metacharacters in the (1) HOST_NAME, (2) DOMAIN_NAME, (3) NIS_DOMAIN, and (4) TFTP_SERVER_NAME host name options.
T-mobile Tm-ac1900 3.0.0.4.376 3169
Busybox Busybox 1.18.5
Busybox Busybox 1.18.4
Busybox Busybox 1.17.2
Busybox Busybox 1.18.3
Busybox Busybox 1.18.2
Busybox Busybox 1.17.0
Busybox Busybox 1.16.2
Busybox Busybox 1.16.1
Busybox Busybox 1.14.3
Busybox Busybox 1.14.2
Busybox Busybox 1.13.0
Busybox Busybox 1.12.4
Busybox Busybox 1.11.0
Busybox Busybox 1.10.4
Busybox Busybox 1.9.0
Busybox Busybox 1.8.2
Busybox Busybox 1.6.1
Busybox Busybox 1.6.0
Busybox Busybox 1.3.0
Busybox Busybox 1.2.2.1
Busybox Busybox 1.1.0
580
VMScore
CVE-2022-23139
ZTE's ZXMP M721 product has a permission and access control vulnerability. Since the folder permission viewed by sftp is 666, which is inconsistent with the actual permission. It’s easy for?users to?ignore the modification?of?the file permission configuration, so that ...
Zte Zxmp M721 Firmware 5.10.030.006
580
VMScore
CVE-2017-16544
In the add_match function in libbb/lineedit.c in BusyBox up to and including 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and results in executing any escape sequence in the terminal. This could pot...
Busybox Busybox
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Vmware Esxi 6.0
Vmware Esxi 6.5
Vmware Esxi 6.7
Redlion N-tron 702-w Firmware
Redlion N-tron 702m12-w Firmware
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
578
VMScore
CVE-2019-3427
The version V6.01.03.01 of ZTE ZXCDN IAMWEB product is impacted by a code injection vulnerability. An attacker could exploit the vulnerability to inject malicious code into the management page, resulting in users’ information leakage.
Zte Zxcdn Iamweb Firmware 6.01.03.01
578
VMScore
CVE-2019-3409
All versions up to UKBB_WF820+_1.0.0B06 of ZTE WF820+ LTE Outdoor CPE product are impacted by command injection vulnerability. Due to inadequate parameter verification, unauthorized users can take advantage of this vulnerability to control the user terminal system.
Zte Wf820\\+ Lte Outdoor Cpe Firmware
578
VMScore
CVE-2018-7365
All versions up to ZXCLOUD iRAI V5.01.05 of the ZTE uSmartView product are impacted by untrusted search path vulnerability, which may allow an unauthorized user to perform unauthorized operations.
Zte Zxcloud Irai
Zte Usmartview -
516
VMScore
CVE-2021-21731
A CSRF vulnerability exists in the management page of a ZTE product.The vulnerability is caused because the management page does not fully verify whether the request comes from a trusted user. The attacker could submit a malicious request to the affected device to delete the data...
Zte Zxcloud Irai Firmware
516
VMScore
CVE-2018-7358
ZTE ZXHN H168N product with versions V2.2.0_PK1.2T5, V2.2.0_PK1.2T2, V2.2.0_PK11T7 and V2.2.0_PK11T have an improper change control vulnerability, which may allow an unauthorized user to perform unauthorized operations.
Zte Zxhn H168n Firmware 2.2.0 Pk1.2t2
Zte Zxhn H168n Firmware 2.2.0 Pk11t7
Zte Zxhn H168n Firmware 2.2.0 Pk11t
Zte Zxhn H168n Firmware 2.2.0 Pk1.2t5
510
VMScore
CVE-2014-8493
ZTE ZXHN H108L with firmware 4.0.0d_ZRQ_GR4 allows remote malicious users to modify the CWMP configuration via a crafted request to Forms/access_cwmp_1.
Zte Zxhn H108l Firmware 4.0.0d Zrq Gr4
2 EDB exploits
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49333
CVE-2024-33901
CVE-2024-36001
CVE-2024-2835
firewall
XPath injection
authentication bypass
CVE-2024-22120
CVE-2024-32002
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »