Vulnerabilities (CVE)

Vendor filter

Zte Subscribe

Filter

42 total CVE
CVE Vendors Products Updated CVSS
CVE-2019-3418 1 Zte 1 Zxhn F670 Firmware 2019-10-09 3.5
All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by cross-site scripting vulnerability (XSS). Due to incomplete input validation, an authorized user can exploit this vulnerability to execute malicious scripts.
CVE-2019-3417 1 Zte 1 Zxhn F670 Firmware 2019-10-09 9.0
All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by command injection vulnerability. Due to insufficient parameter validation check, an authorized user can exploit this vulnerability to take control of user router system.
CVE-2019-3416 1 Zte 1 Zxv10 B860a Firmware 2019-10-09 10.0
All versions up to V81511329.1008 of ZTE ZXV10 B860A products are impacted by input validation vulnerability. Due to input validation, unauthorized users can take advantage of this vulnerability to control the user terminal system.
CVE-2019-3413 1 Zte 1 Netnumen Dap Firmware 2019-10-09 3.5
All versions up to V20.18.40.R7.B1of ZTE NetNumen DAP product have an XSS vulnerability. Due to the lack of correct validation of client data in WEB applications, which results in users being hijacked.
CVE-2018-7365 1 Zte 2 Usmartview, Zxcloud Irai 2019-10-09 6.5
All versions up to ZXCLOUD iRAI V5.01.05 of the ZTE uSmartView product are impacted by untrusted search path vulnerability, which may allow an unauthorized user to perform unauthorized operations.
CVE-2018-7364 1 Zte 1 Zxin10 2019-10-09 10.0
All versions up to ZXINOS-RESV1.01.43 of the ZTE ZXIN10 product European region are impacted by improper access control vulnerability. Due to improper access control to devcomm process, an unauthorized remote attacker can exploit this...
CVE-2018-7361 1 Zte 1 Zxhn F670 Firmware 2019-10-09 3.3
All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by null pointer dereference vulnerability, which may allows an attacker to cause a denial of service via appviahttp service.
CVE-2018-7359 1 Zte 1 Zxhn F670 Firmware 2019-10-09 7.5
All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by heap-based buffer overflow vulnerability, which may allow an attacker to execute arbitrary code.
CVE-2018-7358 1 Zte 1 Zxhn H168n Firmware 2019-10-09 5.8
ZTE ZXHN H168N product with versions V2.2.0_PK1.2T5, V2.2.0_PK1.2T2, V2.2.0_PK11T7 and V2.2.0_PK11T have an improper change control vulnerability, which may allow an unauthorized user to perform unauthorized operations.
CVE-2018-7357 1 Zte 1 Zxhn H168n Firmware 2019-10-09 3.3
ZTE ZXHN H168N product with versions V2.2.0_PK1.2T5, V2.2.0_PK1.2T2, V2.2.0_PK11T7 and V2.2.0_PK11T have an improper access control vulnerability, which may allow an unauthorized user to gain unauthorized access.
CVE-2018-7356 1 Zte 1 Zxr10 8905e Firmware 2019-10-09 5.0
All versions up to V3.03.10.B23P2 of ZTE ZXR10 8905E product are impacted by TCP Initial Sequence Number (ISN) reuse vulnerability, which can generate easily predictable ISN, and allows remote attackers to spoof connections.
CVE-2017-3216 6 Zyxel, Mada, Huawei and 3 more 15 Max308m Fimware, Soho Wireless Router Firmware, Hes-309m Firmware and 12 more 2019-10-09 10.0
WiMAX routers based on the MediaTek SDK (libmtk) that use a custom httpd plugin are vulnerable to an authentication bypass allowing a remote, unauthenticated attacker to gain administrator access to the device by performing an administrator...
CVE-2017-10930 1 Zte 1 Zxr10 1800-2s Firmware 2019-10-03 5.0
The ZXR10 1800-2S before v3.00.40 incorrectly restricts access to a resource from an unauthorized actor, resulting in ordinary users being able to download configuration files to steal information like administrator accounts and passwords.
CVE-2019-3414 1 Zte 1 Otcp Firmware 2019-07-25 2.3
All versions up to V1.19.20.02 of ZTE OTCP product are impacted by XSS vulnerability. Due to XSS, when an attacker invokes the security management to obtain the resources of the specified operation code owned by a user, the malicious script code...
CVE-2019-3415 1 Zte 1 Zxmw Nr8000 Firmware 2019-07-17 2.7
ZTE MW NR8000V2.4.4.03 and NR8000V2.4.4.04 are impacted by path traversal vulnerability. Due to path traversal,users can download any files.
CVE-2018-7355 1 Zte 2 Mf65 Firmware, Mf65m1 Firmware 2019-01-10 4.3
All versions up to V1.0.0B05 of ZTE MF65 and all versions up to V1.0.0B02 of ZTE MF65M1 are impacted by cross-site scripting vulnerability. Due to improper neutralization of input during web page generation, an attacker could exploit this...
CVE-2014-9020 1 Zte 2 Zxdsl 831cii, Zxdsl 831 2018-10-09 4.3
Cross-site scripting (XSS) vulnerability in the Quick Stats page (psilan.cgi) in ZTE ZXDSL 831 and 831CII allows remote attackers to inject arbitrary web script or HTML via the domainname parameter in a save action. NOTE: this issue was SPLIT...
CVE-2014-9019 1 Zte 1 Zxdsl 2018-10-09 6.8
Multiple cross-site request forgery (CSRF) vulnerabilities in ZTE ZXDSL 831CII allow remote attackers to hijack the authentication of administrators for requests that (1) change the admin user name or (2) conduct cross-site scripting (XSS)...
CVE-2017-16953 1 Zte 1 Zxdsl 831cii Firmware 2017-12-28 5.0
connoppp.cgi on ZTE ZXDSL 831CII devices does not require HTTP Basic Authentication, which allows remote attackers to modify the PPPoE configuration or set up a malicious configuration via a GET request.
CVE-2017-10933 1 Zte 1 Zxdt22 Sf01 Firmware 2017-11-08 5.0
All versions prior to V2.06.00.00 of ZTE ZXDT22 SF01, an monitoring system of ZTE energy product, are impacted by directory traversal vulnerability that allows remote attackers to read arbitrary files on the system via a full path name after host address.