Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zte mf286r firmware vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2022-39072
There is a SQL injection vulnerability in Some ZTE Mobile Internet products. Due to insufficient validation of the input parameters of the SNTP interface, an authenticated attacker could use the vulnerability to execute stored XSS attacks.
Zte Mf286r Firmware Nordic Mf286r B06
Zte Mf289d Firmware Cr Tmoczmf289dv1.0.0b07
9.8
CVSSv3
CVE-2022-39073
There is a command injection vulnerability in ZTE MF286R, Due to insufficient validation of the input parameters, an attacker could use the vulnerability to execute arbitrary commands.
Zte Mf286r Firmware Nordic Mf286r B06
1 Github repository
6.5
CVSSv3
CVE-2022-39067
There is a buffer overflow vulnerability in ZTE MF286R. Due to lack of input validation on parameters of the wifi interface, an authenticated attacker could use the vulnerability to perform a denial of service attack.
Zte Mf286r Firmware
8.8
CVSSv3
CVE-2022-39066
There is a SQL injection vulnerability in ZTE MF286R. Due to insufficient validation of the input parameters of the phonebook interface, an authenticated attacker could use the vulnerability to execute arbitrary SQL injection.
Zte Mf286r Firmware
1 Github repository
8
CVSSv3
CVE-2023-25651
There is a SQL injection vulnerability in some ZTE mobile internet products. Due to insufficient input validation of SMS interface parameter, an authenticated attacker could use the vulnerability to execute SQL injection and cause information leak.
Zte Mf833u1 Firmware Bd Mf833u1v1.0.0b01
Zte Mf286r Firmware Cr Lvwrgbmf286rv1.0.0b04
8.8
CVSSv3
CVE-2023-25649
There is a command injection vulnerability in a mobile internet product of ZTE. Due to insufficient validation of SET_DEVICE_LED interface parameter, an authenticated attacker could use the vulnerability to execute arbitrary commands.
Zte Mf286r Firmware Cr Lvwrgbmf286rv1.0.0b04
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
logic flaw
CVE-2024-23692
CVE-2024-26229
CVE-2024-35255
CVE-2024-5835
CVE-2024-5837
XML external entity
dos
CVE-2024-5813
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started