Filtered by vendor Zte
Total 156 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-45416 1 Zte 10 Zxhn E1600 Firmware, Zxhn E2603 Firmware, Zxhn E2615 Firmware and 7 more 2024-09-18 8.1 High
The HTTPD binary in multiple ZTE routers has a local file inclusion vulnerability in the session_init function. The session (Lua) files are stored in the directory /var/lua_session; the function iterates over all files in this directory and executes them using the function dofile without validating whether each one is a valid session file. An attacker who is able to write a malicious file in the sessions directory can get RCE as root.
CVE-2024-45415 1 Zte 10 Zxhn E1600 Firmware, Zxhn E2603 Firmware, Zxhn E2615 Firmware and 7 more 2024-09-18 9.8 Critical
The HTTPD binary in multiple ZTE routers has a stack-based buffer overflow vulnerability in the check_data_integrity function. This function is responsible for validating the checksum of data in POST requests. The checksum is sent encrypted in the request; the function decrypts it and stores the checksum on the stack without validating it. An unauthenticated attacker can get RCE as root by exploiting this vulnerability.
CVE-2024-45414 1 Zte 10 Zxhn E1600 Firmware, Zxhn E2603 Firmware, Zxhn E2615 Firmware and 7 more 2024-09-18 9.8 Critical
The HTTPD binary in multiple ZTE routers has a stack-based buffer overflow vulnerability in the webPrivateDecrypt function. This function is responsible for decrypting RSA-encrypted ciphertext; the encrypted data is supplied base64-encoded. The decoded ciphertext is stored on the stack without checking its length. An unauthenticated attacker can get RCE as root by exploiting this vulnerability.
CVE-2024-45413 1 Zte 10 Zxhn E1600 Firmware, Zxhn E2603 Firmware, Zxhn E2615 Firmware and 7 more 2024-09-18 8.1 High
The HTTPD binary in multiple ZTE routers has a stack-based buffer overflow vulnerability in the rsa_decrypt function. This function is an API wrapper for Lua to decrypt RSA-encrypted ciphertext; the decrypted data is stored on the stack without checking its length. An authenticated attacker can get RCE as root by exploiting this vulnerability.
CVE-2023-41782 1 Zte 2 Zxcloud Irai, Zxcloud Irai Firmware 2024-09-17 3.9 Low
There is a DLL hijacking vulnerability in ZTE ZXCLOUD iRAI. An attacker could place a fake DLL file in a specific directory and successfully exploit this vulnerability to execute malicious code.
CVE-2017-10934 1 Zte 2 Zxiptv-epg, Zxiptv-epg Firmware 2024-09-17 N/A
All versions prior to V5.09.02.02T4 of the ZTE ZXIPTV-EPG product use the Java RMI service in which the servers use the Apache Commons Collections (ACC) library that may result in Java deserialization vulnerabilities. An unauthenticated remote attacker can exploit the vulnerabilities by sending a crafted RMI request to execute arbitrary code on the target host.
CVE-2017-10931 1 Zte 2 Zxr10 1800-2s, Zxr10 1800-2s Firmware 2024-09-17 N/A
The ZXR10 1800-2S before v3.00.40 incorrectly restricts the download of the file directory range for WEB users, resulting in the ability to download any files and cause information leaks such as system configuration.
CVE-2014-9184 1 Zte 1 Zxdsl 2024-09-17 N/A
ZTE ZXDSL 831CII allows remote attackers to bypass authentication via a direct request to (1) main.cgi, (2) adminpasswd.cgi, (3) userpasswd.cgi, (4) upload.cgi, (5) conprocess.cgi, or (6) connect.cgi.
CVE-2017-10936 1 Zte 2 Zxcdn-sns, Zxcdn-sns Firmware 2024-09-17 N/A
SQL injection vulnerability in all versions prior to V4.01.01 of the ZTE ZXCDN-SNS product allows remote attackers to execute arbitrary SQL commands via the aoData parameter, resulting in the disclosure of database information.
CVE-2017-10937 1 Zte 2 Zxiptv-ucm, Zxiptv-ucm Firmware 2024-09-17 N/A
SQL injection vulnerability in all versions prior to V2.01.05.09 of the ZTE ZXIPTV-UCM product allows remote attackers to execute arbitrary SQL commands via the opertype parameter, resulting in the disclosure of database information.
CVE-2014-9183 1 Zte 1 Zxdsl 2024-09-17 N/A
ZTE ZXDSL 831CII has a default password of admin for the admin account, which allows remote attackers to gain administrator privileges.
CVE-2012-4746 1 Zte 1 Zxdsl 2024-09-16 N/A
Cross-site request forgery (CSRF) vulnerability in accessaccount.cgi in ZTE ZXDSL 831IIV7.5.0a_Z29_OV allows remote attackers to hijack the authentication of administrators for requests that change the administrator password via the sysPassword parameter.
CVE-2012-2949 2 Google, Zte 2 Android, Score M 2024-09-16 N/A
The ZTE sync_agent program for Android 2.3.4 on the Score M device uses a hardcoded ztex1609523 password to control access to commands, which allows remote attackers to gain privileges via a crafted application.
CVE-2017-10933 1 Zte 2 Zxdt22 Sf01, Zxdt22 Sf01 Firmware 2024-09-16 N/A
All versions prior to V2.06.00.00 of ZTE ZXDT22 SF01, a monitoring system for ZTE energy products, are impacted by a directory traversal vulnerability that allows remote attackers to read arbitrary files on the system via a full path name after the host address.
CVE-2017-10932 1 Zte 12 Nr8000tr, Nr8000tr Firmware, Nr8120 and 9 more 2024-09-16 N/A
All versions prior to V12.17.20 of the ZTE Microwave NR8000 series products (NR8120, NR8120A, NR8120, NR8150, NR8250, NR8000 TR and NR8950) are C/S-architecture applications that use the Java RMI service, in which the servers use the Apache Commons Collections (ACC) library, which may result in Java deserialization vulnerabilities. An unauthenticated remote attacker can exploit the vulnerabilities by sending a crafted RMI request to execute arbitrary code on the target host.
CVE-2017-10935 1 Zte 2 Zxr10 1800-2s, Zxr10 1800-2s Firmware 2024-09-16 N/A
All versions prior to ZSRV2 V3.00.40 of the ZTE ZXR10 1800-2S products allow remote authenticated users to bypass the original password authentication protection to change other users' passwords.
CVE-2014-2321 1 Zte 2 F460, F660 2024-09-16 N/A
web_shell_cmd.gch on ZTE F460 and F660 cable modems allows remote attackers to obtain administrative access via sendcmd requests, as demonstrated by using "set TelnetCfg" commands to enable a TELNET service with specified credentials.
CVE-2017-10930 1 Zte 2 Zxr10 1800-2s, Zxr10 1800-2s Firmware 2024-09-16 N/A
The ZXR10 1800-2S before v3.00.40 incorrectly restricts access to a resource from an unauthorized actor, resulting in ordinary users being able to download configuration files to steal information like administrator accounts and passwords.
CVE-2023-41780 1 Zte 2 Zxcloud Irai, Zxcloud Irai Firmware 2024-09-06 6.4 Medium
There is an unsafe DLL loading vulnerability in ZTE ZXCLOUD iRAI. Because the program fails to adequately validate the user's input, an attacker could exploit this vulnerability to escalate local privileges.
CVE-2023-25643 1 Zte 4 Mc801a, Mc801a1, Mc801a1 Firmware and 1 more 2024-08-28 8.4 High
There is a command injection vulnerability in some ZTE mobile internet products. Due to insufficient input validation of multiple network parameters, an authenticated attacker could use the vulnerability to execute arbitrary commands.