Vulnerabilities > ZTE

DATE CVE VULNERABILITY TITLE RISK
2019-06-11 CVE-2019-3410 Cross-Site Request Forgery (CSRF) vulnerability in ZTE Wf820+ LTE Outdoor CPE Firmware
All versions up to UKBB_WF820+_1.0.0B06 of ZTE WF820+ LTE Outdoor CPE product are impacted by Cross-Site Request Forgery vulnerability,which stems from the fact that WEB applications do not adequately verify whether requests come from trusted users.
network
low complexity
zte CWE-352
8.8
2019-06-11 CVE-2019-3409 OS Command Injection vulnerability in ZTE Wf820+ LTE Outdoor CPE Firmware
All versions up to UKBB_WF820+_1.0.0B06 of ZTE WF820+ LTE Outdoor CPE product are impacted by command injection vulnerability.
network
low complexity
zte CWE-78
8.8
2018-12-28 CVE-2018-7366 Incorrect Authorization vulnerability in ZTE Zxv10 B860Av2.1 Chinamobile Firmware
ZTE ZXV10 B860AV2.1 product ChinaMobile branch with the ICNT versions up to V1.3.3, the BESTV versions up to V1.2.2, the WASU versions up to V1.1.7 and the MGTV versions up to V1.4.6 have an authentication bypass vulnerability, which may allows an unauthorized user to perform unauthorized operations.
low complexity
zte CWE-863
6.8
2018-12-20 CVE-2018-7365 Untrusted Search Path vulnerability in ZTE Usmartview and Zxcloud Irai
All versions up to ZXCLOUD iRAI V5.01.05 of the ZTE uSmartView product are impacted by untrusted search path vulnerability, which may allow an unauthorized user to perform unauthorized operations.
network
low complexity
zte CWE-426
7.2
2018-12-07 CVE-2018-7364 Unspecified vulnerability in ZTE Zxin10 Resv1.01.43
All versions up to ZXINOS-RESV1.01.43 of the ZTE ZXIN10 product European region are impacted by improper access control vulnerability.
network
low complexity
zte
critical
9.8
2018-11-16 CVE-2018-7363 Incorrect Authorization vulnerability in ZTE Zxhn F670 Firmware
All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by improper authorization vulnerability.
low complexity
zte CWE-863
8.8
2018-11-16 CVE-2018-7362 Improper Access Control vulnerability in ZTE Zxhn F670 Firmware
All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by improper access control vulnerability, which may allows an unauthorized user to perform unauthorized operations on the router.
network
low complexity
zte CWE-284
8.8
2018-11-16 CVE-2018-7361 NULL Pointer Dereference vulnerability in ZTE Zxhn F670 Firmware
All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by null pointer dereference vulnerability, which may allows an attacker to cause a denial of service via appviahttp service.
low complexity
zte CWE-476
6.5
2018-11-16 CVE-2018-7360 Information Exposure vulnerability in ZTE Zxhn F670 Firmware
All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by information exposure vulnerability, which may allow an unauthenticated attacker to get the GPON SN information via appviahttp service.
low complexity
zte CWE-200
6.5
2018-11-16 CVE-2018-7359 Out-of-bounds Write vulnerability in ZTE Zxhn F670 Firmware
All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by heap-based buffer overflow vulnerability, which may allow an attacker to execute arbitrary code.
network
low complexity
zte CWE-787
critical
9.8