The ZXR10 1800-2S before v3.00.40 incorrectly restricts access to a resource from an unauthorized actor, resulting in ordinary users being able to download configuration files to steal information like administrator accounts and passwords.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: zte

Published: 2017-09-19T14:00:00Z

Updated: 2024-09-16T17:33:43.111Z

Reserved: 2017-07-05T00:00:00

Link: CVE-2017-10930

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2017-09-19T14:29:00.227

Modified: 2019-10-03T00:03:26.223

Link: CVE-2017-10930

cve-icon Redhat

No data.