Vulnerabilities > CVE-2021-21751 - Unspecified vulnerability in ZTE Zxin10 CMS

CVSS 8.1 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

zte

NVD

Published: 2021-12-27

Updated: 2023-08-08

Summary

ZTE BigVideo analysis product has an input verification vulnerability. Due to the inconsistency between the front and back verifications when configuring the large screen page, an attacker with high privileges could exploit this vulnerability to tamper with the URL and cause service exception.

Vulnerable Configurations

Part	Description	Count
Application	Zte ZTE Zxin10 CMS *	1

References

https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1021884