Vulnerabilities > CVE-2021-21744 - Unspecified vulnerability in ZTE Mf971R Firmware

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

HIGH

Availability impact

NONE

network

low complexity

zte

NVD

Published: 2021-10-20

Updated: 2024-11-21

Summary

ZTE MF971R product has a configuration file control vulnerability. An attacker could use this vulnerability to modify the configuration parameters of the device, causing some security functions of the device to be disabled.

Vulnerable Configurations

Part	Description	Count
OS	Zte ZTE Mf971R Firmware V1.0.0B05 ZTE Mf971R Firmware 1V1.0.0B06 ZTE Mf971R Firmware 2V1.0.0B03 ZTE Mf971R Firmware S2V1.0.0B03 ZTE Mf971R Firmware Sv1.0.0B05	5
Hardware	Zte ZTE Mf971R *	1

References

https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1019764
https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1019764