Vulnerabilities > CVE-2023-25644 - Unspecified vulnerability in ZTE Mc801A1 Firmware and Mc801A Firmware

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

zte

NVD

Published: 2023-12-14

Updated: 2023-12-18

Summary

There is a denial of service vulnerability in some ZTE mobile internet products. Due to insufficient validation of Web interface parameter, an attacker could use the vulnerability to perform a denial of service attack.

Vulnerable Configurations

Part	Description	Count
OS	Zte ZTE Mc801A Firmware Mc801A_Elisa3_B19 ZTE Mc801A1 Firmware Mc801A1_Elisa1_B04	2
Hardware	Zte ZTE Mc801A - ZTE Mc801A1 -	2

References

https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1032624