Vulnerabilities > ZTE > Mf286R Firmware > nordic.mf286r.b06

DATE CVE VULNERABILITY TITLE RISK
2023-01-06 CVE-2022-39072 SQL Injection vulnerability in ZTE Mf286R Firmware and Mf289D Firmware
There is a SQL injection vulnerability in Some ZTE Mobile Internet products.
network
low complexity
zte CWE-89
5.4
2023-01-06 CVE-2022-39073 Command Injection vulnerability in ZTE Mf286R Firmware Nordicmf286Rb06
There is a command injection vulnerability in ZTE MF286R, Due to insufficient validation of the input parameters, an attacker could use the vulnerability to execute arbitrary commands.
network
low complexity
zte CWE-77
critical
9.8