Vulnerabilities > ZTE
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-18 | CVE-2024-22067 | Unspecified vulnerability in ZTE Nh8091 Firmware Znh8091V1.8 ZTE NH8091 product has an improper permission control vulnerability. | 8.8 |
| 2024-10-29 | CVE-2024-22066 | Authentication Bypass by Capture-replay vulnerability in ZTE products There is a privilege escalation vulnerability in ZTE ZXR10 ZSR V2 intelligent multi service router . | 6.5 |
| 2024-10-29 | CVE-2024-22065 | OS Command Injection vulnerability in ZTE Mf258K PRO Firmware 1.0.0B03 There is a command injection vulnerability in ZTE MF258 Pro product. | 8.8 |
| 2024-10-18 | CVE-2024-10119 | OS Command Injection vulnerability in ZTE Wrtm326 Firmware The wireless router WRTM326 from SECOM does not properly validate a specific parameter. | 9.8 |
| 2024-10-10 | CVE-2024-22068 | Weak Password Requirements vulnerability in ZTE products Improper Privilege Management vulnerability in ZTE ZXR10 1800-2S series ,ZXR10 2800-4,ZXR10 3800-8,ZXR10 160 series on 64 bit allows Functionality Bypass.This issue affects ZXR10 1800-2S series ,ZXR10 2800-4,ZXR10 3800-8,ZXR10 160 series: V4.00.10 and earlier. | 6.5 |
| 2024-09-18 | CVE-2022-39068 | Out-of-bounds Write vulnerability in ZTE Mf296R Firmware Mf296Rnordic1B06 There is a buffer overflow vulnerability in ZTE MF296R. | 6.5 |
| 2024-08-08 | CVE-2024-22069 | Unspecified vulnerability in ZTE Zxv10 Et301 Firmware and Zxv10 Xt802 Firmware There is a permission and access control vulnerability of ZTE's ZXV10 XT802/ET301 product.Attackers with common permissions can log in the terminal web and change the password of the administrator illegally by intercepting requests to change the passwords. | 8.8 |
| 2024-07-09 | CVE-2024-22062 | Incorrect Default Permissions vulnerability in ZTE Zxcloud Irai There is a permissions and access control vulnerability in ZXCLOUD IRAI.An attacker can elevate non-administrator permissions to administrator permissions by modifying the configuration. | 8.8 |
| 2024-06-20 | CVE-2023-25646 | Improper Preservation of Permissions vulnerability in ZTE Zxhn H388X Firmware 10.1Agzhm1.3.1 There is an unauthorized access vulnerability in ZTE H388X. | 6.4 |
| 2024-05-14 | CVE-2024-22064 | Improper Initialization vulnerability in ZTE Zxun-Epdg ZTE ZXUN-ePDG product, which serves as the network node of the VoWifi system, under by default configuration, uses a set of non-unique cryptographic keys during establishing a secure connection(IKE) with the mobile devices connecting over the internet . | 6.5 |