Vulnerabilities > ZTE
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-15 | CVE-2019-3418 | Cross-site Scripting vulnerability in ZTE Zxhn F670 Firmware All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by cross-site scripting vulnerability (XSS). | 5.4 |
| 2019-08-15 | CVE-2019-3417 | OS Command Injection vulnerability in ZTE Zxhn F670 Firmware All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by command injection vulnerability. | 8.8 |
| 2019-07-22 | CVE-2019-3414 | Cross-site Scripting vulnerability in ZTE Otcp Firmware All versions up to V1.19.20.02 of ZTE OTCP product are impacted by XSS vulnerability. | 2.3 |
| 2019-07-11 | CVE-2019-3415 | Path Traversal vulnerability in ZTE Zxmw Nr8000 Firmware 2.4.4.03/2.4.4.04 ZTE MW NR8000V2.4.4.03 and NR8000V2.4.4.04 are impacted by path traversal vulnerability. | 2.7 |
| 2019-06-11 | CVE-2019-3413 | Cross-site Scripting vulnerability in ZTE Netnumen DAP Firmware All versions up to V20.18.40.R7.B1of ZTE NetNumen DAP product have an XSS vulnerability. | 3.5 |
| 2019-06-11 | CVE-2019-3412 | OS Command Injection vulnerability in ZTE Mf920 Firmware All versions up to BD_R218V2.4 of ZTE MF920 product are impacted by command execution vulnerability. | 7.5 |
| 2019-06-11 | CVE-2019-3411 | Missing Authentication for Critical Function vulnerability in ZTE Mf920 Firmware All versions up to BD_R218V2.4 of ZTE MF920 product are impacted by information leak vulnerability. | 5.0 |
| 2019-06-11 | CVE-2019-3410 | Cross-Site Request Forgery (CSRF) vulnerability in ZTE Wf820+ LTE Outdoor CPE Firmware All versions up to UKBB_WF820+_1.0.0B06 of ZTE WF820+ LTE Outdoor CPE product are impacted by Cross-Site Request Forgery vulnerability,which stems from the fact that WEB applications do not adequately verify whether requests come from trusted users. | 6.8 |
| 2019-06-11 | CVE-2019-3409 | OS Command Injection vulnerability in ZTE Wf820+ LTE Outdoor CPE Firmware All versions up to UKBB_WF820+_1.0.0B06 of ZTE WF820+ LTE Outdoor CPE product are impacted by command injection vulnerability. | 6.5 |
| 2018-12-28 | CVE-2018-7366 | Incorrect Authorization vulnerability in ZTE Zxv10 B860Av2.1 Chinamobile Firmware ZTE ZXV10 B860AV2.1 product ChinaMobile branch with the ICNT versions up to V1.3.3, the BESTV versions up to V1.2.2, the WASU versions up to V1.1.7 and the MGTV versions up to V1.4.6 have an authentication bypass vulnerability, which may allows an unauthorized user to perform unauthorized operations. | 4.6 |