Filtered by vendor Zte
Subscriptions
Total
162 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-6866 | 1 Zte | 2 Zxctn 6500, Zxctn 6500 Firmware | 2024-11-21 | 4.9 Medium |
| A ZTE product is impacted by a resource management error vulnerability. An attacker could exploit this vulnerability to cause a denial of service by issuing a specific command. This affects: ZXCTN 6500 version V2.10.00R3B87. | ||||
| CVE-2020-6865 | 1 Zte | 1 Oscp | 2024-11-21 | 6.5 Medium |
| ZTE SDN controller platform is impacted by an information leakage vulnerability. Due to the program's failure to optimize the response of failure to the request, the caller can directly view the internal error code location of the component. Attackers could exploit this vulnerability to obtain sensitive information. This affects: OSCP versions V16.19.10 and V16.19.20. | ||||
| CVE-2020-6864 | 1 Zte | 2 E8820v3, E8820v3 Firmware | 2024-11-21 | 6.5 Medium |
| ZTE E8820V3 router product is impacted by an information leak vulnerability. Attackers could use this vulnerability to to gain wireless passwords. After obtaining the wireless password, the attacker could collect information and attack the router. | ||||
| CVE-2020-6863 | 1 Zte | 2 E8820v3, E8820v3 Firmware | 2024-11-21 | 6.5 Medium |
| ZTE E8820V3 router product is impacted by a permission and access control vulnerability. Attackers could use this vulnerability to tamper with DDNS parameters and send DoS attacks on the specified URL. | ||||
| CVE-2020-6862 | 1 Zte | 2 F6x2w, F6x2w Firmware | 2024-11-21 | 5.3 Medium |
| V6.0.10P2T2 and V6.0.10P2T5 of F6x2W product are impacted by Information leak vulnerability. Unauthorized users could log in directly to obtain page information without entering a verification code. | ||||
| CVE-2020-12695 | 22 Asus, Broadcom, Canon and 19 more | 218 Rt-n11, Adsl, Selphy Cp1200 and 215 more | 2024-11-21 | 7.5 High |
| The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue. | ||||
| CVE-2019-3431 | 1 Zte | 1 Zxcloud Goldendata Vap | 2024-11-21 | 9.8 Critical |
| All versions up to V4.01.01.02 of ZTE ZXCLOUD GoldenData VAP product have encryption problems vulnerability. Attackers could sniff unencrypted account and password through the network for front-end system access. | ||||
| CVE-2019-3430 | 1 Zte | 1 Zxcloud Goldendata Vap | 2024-11-21 | 4.9 Medium |
| All versions up to V4.01.01.02 of ZTE ZXCLOUD GoldenData VAP product have an information disclosure vulnerability. Attackers could use this vulnerability to collect data information and damage the system. | ||||
| CVE-2019-3429 | 1 Zte | 1 Zxcloud Goldendata Vap | 2024-11-21 | 5.3 Medium |
| All versions up to V4.01.01.02 of ZTE ZXCLOUD GoldenData VAP product have a file reading vulnerability. Attackers could obtain log file information without authorization, causing the disclosure of sensitive information. | ||||
| CVE-2019-3428 | 1 Zte | 2 Zxcdn Iamweb, Zxcdn Iamweb Firmware | 2024-11-21 | 6.5 Medium |
| The version V6.01.03.01 of ZTE ZXCDN IAMWEB product is impacted by a configuration error vulnerability. An attacker could directly access the management portal in HTTP, resulting in users’ information leakage. | ||||
| CVE-2019-3427 | 1 Zte | 2 Zxcdn Iamweb, Zxcdn Iamweb Firmware | 2024-11-21 | 7.2 High |
| The version V6.01.03.01 of ZTE ZXCDN IAMWEB product is impacted by a code injection vulnerability. An attacker could exploit the vulnerability to inject malicious code into the management page, resulting in users’ information leakage. | ||||
| CVE-2019-3426 | 1 Zte | 2 Zxupn-9000e, Zxupn-9000e Firmware | 2024-11-21 | 8.8 High |
| The 9000EV5.0R1B12 version, and all earlier versions of ZTE product ZXUPN-9000E are impacted by the input validation vulnerability. An attacker could exploit this vulnerability for unauthorized operations. | ||||
| CVE-2019-3425 | 1 Zte | 2 Zxupn-9000e, Zxupn-9000e Firmware | 2024-11-21 | 8.8 High |
| The 9000EV5.0R1B12 version, and all earlier versions of ZTE product ZXUPN-9000E are impacted by vulnerability of permission and access control. An attacker could exploit this vulnerability to directly reset or change passwords of other accounts. | ||||
| CVE-2019-3422 | 1 Zte | 2 Mf910s, Mf910s Firmware | 2024-11-21 | 6.2 Medium |
| The Sec Consult Security Lab reported an information disclosure vulnerability in MF910S product to ZTE PSIRT in October 2019. Through the analysis of related product team, the information disclosure vulnerability is confirmed. The MF910S product's one-click upgrade tool can obtain the Telnet remote login password in the reverse way. If Telnet is opened, the attacker can remotely log in to the device through the cracked password, resulting in information leakage. The MF910S was end of service on October 23, 2019, ZTE recommends users to choose new products for the purpose of better security. | ||||
| CVE-2019-3420 | 1 Zte | 2 Zxhn H108n, Zxhn H108n Firmware | 2024-11-21 | 6.5 Medium |
| All versions up to V2.5.0_EG1T5_TED of ZTE ZXHN H108N product are impacted by an information leak vulnerability. An attacker could exploit the vulnerability to obtain sensitive information and perform unauthorized operations. | ||||
| CVE-2019-3419 | 1 Zte | 2 Zxmp M721 Dx, Zxmp M721 Dx Firmware | 2024-11-21 | 5.7 Medium |
| A security vulnerability exists in a management port in the version of ZTE's ZXMP M721V3.10P01B10_M2NCP. An attacker could exploit this vulnerability to build a link to the device and send specific packets to cause a denial of service. | ||||
| CVE-2019-3418 | 1 Zte | 2 Zxhn F670, Zxhn F670 Firmware | 2024-11-21 | 5.4 Medium |
| All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by cross-site scripting vulnerability (XSS). Due to incomplete input validation, an authorized user can exploit this vulnerability to execute malicious scripts. | ||||
| CVE-2019-3417 | 1 Zte | 2 Zxhn F670, Zxhn F670 Firmware | 2024-11-21 | 8.8 High |
| All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by command injection vulnerability. Due to insufficient parameter validation check, an authorized user can exploit this vulnerability to take control of user router system. | ||||
| CVE-2019-3416 | 1 Zte | 2 Zxv10 B860a, Zxv10 B860a Firmware | 2024-11-21 | 9.8 Critical |
| All versions up to V81511329.1008 of ZTE ZXV10 B860A products are impacted by input validation vulnerability. Due to input validation, unauthorized users can take advantage of this vulnerability to control the user terminal system. | ||||
| CVE-2019-3415 | 1 Zte | 2 Zxmw Nr8000, Zxmw Nr8000 Firmware | 2024-11-21 | N/A |
| ZTE MW NR8000V2.4.4.03 and NR8000V2.4.4.04 are impacted by path traversal vulnerability. Due to path traversal,users can download any files. | ||||