There is a command execution vulnerability in a ZTE conference management system. As some services are enabled by default, the attacker could exploit this vulnerability to execute arbitrary commands by sending specific serialization command.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
zte zxv10_m910_firmware 1.2.16.01u01.01 |
||
zte zxv10_m910_firmware 1.2.19.01u01.01 |
||
zte zxv10_m910_firmware 1.2.20.01u01.01 |
||
zte zxv10_m910_firmware 1.2.21.01.04 |