Vulnerabilities > ZTE > Mf286R Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-14 | CVE-2023-25651 | SQL Injection vulnerability in ZTE Mf286R Firmware and Mf833U1 Firmware There is a SQL injection vulnerability in some ZTE mobile internet products. Due to insufficient input validation of SMS interface parameter, an authenticated attacker could use the vulnerability to execute SQL injection and cause information leak. | 8.0 |
| 2023-08-25 | CVE-2023-25649 | Command Injection vulnerability in ZTE Mf286R Firmware Crlvwrgbmf286Rv1.0.0B04 There is a command injection vulnerability in a mobile internet product of ZTE. | 8.8 |
| 2023-01-06 | CVE-2022-39072 | SQL Injection vulnerability in ZTE Mf286R Firmware and Mf289D Firmware There is a SQL injection vulnerability in Some ZTE Mobile Internet products. | 5.4 |
| 2023-01-06 | CVE-2022-39073 | Command Injection vulnerability in ZTE Mf286R Firmware Nordicmf286Rb06 There is a command injection vulnerability in ZTE MF286R, Due to insufficient validation of the input parameters, an attacker could use the vulnerability to execute arbitrary commands. | 9.8 |
| 2022-11-22 | CVE-2022-39066 | SQL Injection vulnerability in ZTE Mf286R Firmware There is a SQL injection vulnerability in ZTE MF286R. | 8.8 |
| 2022-11-22 | CVE-2022-39067 | Classic Buffer Overflow vulnerability in ZTE Mf286R Firmware There is a buffer overflow vulnerability in ZTE MF286R. | 6.5 |