Vulnerabilities > CVE-2019-3428 - Unspecified vulnerability in ZTE Zxcdn Iamweb Firmware 6.01.03.01

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

zte

NVD

Published: 2019-11-22

Updated: 2022-03-31

Summary

The version V6.01.03.01 of ZTE ZXCDN IAMWEB product is impacted by a configuration error vulnerability. An attacker could directly access the management portal in HTTP, resulting in users’ information leakage.

Vulnerable Configurations

Part	Description	Count
OS	Zte ZTE Zxcdn Iamweb Firmware 6.01.03.01	1
Hardware	Zte ZTE Zxcdn Iamweb -	1

References

http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1011863