Vulnerabilities > ZTE
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-26 | CVE-2020-6876 | Cross-site Scripting vulnerability in ZTE Evdc Zxcloudirosv6.03.04 A ZTE product is impacted by an XSS vulnerability. | 5.4 |
| 2020-10-05 | CVE-2020-6875 | Missing Authentication for Critical Function vulnerability in ZTE Zxone 19700 Snpe Firmware Zxone8700V1.40R2B13Snpe A ZTE product is impacted by the improper access control vulnerability. | 9.8 |
| 2020-09-01 | CVE-2020-6874 | Insufficiently Protected Credentials vulnerability in ZTE Zxiptv Firmware Zxiptvwebpv5.09.08.04 A ZTE product is impacted by the cryptographic issues vulnerability. | 9.1 |
| 2020-09-01 | CVE-2020-6873 | Unspecified vulnerability in ZTE Zxr10 2800-4 Almpufb(Low) Firmware A ZTE product has a DoS vulnerability. | 5.3 |
| 2020-07-20 | CVE-2020-6872 | Cross-site Scripting vulnerability in ZTE products The server management software module of ZTE has a storage XSS vulnerability. | 6.1 |
| 2020-07-20 | CVE-2020-6871 | Improper Authentication vulnerability in ZTE products The server management software module of ZTE has an authentication issue vulnerability, which allows users to skip the authentication of the server and execute some commands for high-level users. | 9.8 |
| 2020-06-24 | CVE-2020-6870 | Unspecified vulnerability in ZTE Netnumen U31 R10 Firmware V12.17.20T115 The version V12.17.20T115 of ZTE U31R20 product is impacted by a design error vulnerability. low complexity zte | 8.0 |
| 2020-06-17 | CVE-2020-6869 | Unspecified vulnerability in ZTE Ztemarket APK 10.06 All versions up to 10.06 of ZTEMarket APK are impacted by an information leak vulnerability. | 8.1 |
| 2020-06-08 | CVE-2020-12695 | Incorrect Default Permissions vulnerability in multiple products The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue. | 7.5 |
| 2020-06-01 | CVE-2020-6868 | Improper Input Validation vulnerability in ZTE F680 Firmware Zxhnf680V9.0.10P1N6 There is an input validation vulnerability in a PON terminal product of ZTE, which supports the creation of WAN connections through WEB management pages. | 6.5 |