Vulnerabilities > ZTE

DATE CVE VULNERABILITY TITLE RISK
2024-11-18 CVE-2024-22067 Unspecified vulnerability in ZTE Nh8091 Firmware Znh8091V1.8
ZTE NH8091 product has an improper permission control vulnerability.
network
low complexity
zte
8.8
2024-10-29 CVE-2024-22066 Authentication Bypass by Capture-replay vulnerability in ZTE products
There is a privilege escalation vulnerability in ZTE ZXR10 ZSR V2 intelligent multi service router .
network
low complexity
zte CWE-294
6.5
2024-10-29 CVE-2024-22065 OS Command Injection vulnerability in ZTE Mf258K PRO Firmware 1.0.0B03
There is a command injection vulnerability in ZTE MF258 Pro product.
network
low complexity
zte CWE-78
8.8
2024-10-18 CVE-2024-10119 OS Command Injection vulnerability in ZTE Wrtm326 Firmware
The wireless router WRTM326 from SECOM does not properly validate a specific parameter.
network
low complexity
zte CWE-78
critical
9.8
2024-10-10 CVE-2024-22068 Weak Password Requirements vulnerability in ZTE products
Improper Privilege Management vulnerability in ZTE ZXR10 1800-2S series ,ZXR10 2800-4,ZXR10 3800-8,ZXR10 160 series on 64 bit allows Functionality Bypass.This issue affects ZXR10 1800-2S series ,ZXR10 2800-4,ZXR10 3800-8,ZXR10 160 series: V4.00.10 and earlier.
network
low complexity
zte CWE-521
6.5
2024-09-18 CVE-2022-39068 Out-of-bounds Write vulnerability in ZTE Mf296R Firmware Mf296Rnordic1B06
There is a buffer overflow vulnerability in ZTE MF296R.
network
low complexity
zte CWE-787
6.5
2024-08-08 CVE-2024-22069 Unspecified vulnerability in ZTE Zxv10 Et301 Firmware and Zxv10 Xt802 Firmware
There is a permission and access control vulnerability of ZTE's ZXV10 XT802/ET301 product.Attackers with common permissions can log in the terminal web and change the password of the administrator illegally by intercepting requests to change the passwords.
network
low complexity
zte
8.8
2024-07-09 CVE-2024-22062 Incorrect Default Permissions vulnerability in ZTE Zxcloud Irai
There is a permissions and access control vulnerability in ZXCLOUD IRAI.An attacker can elevate non-administrator permissions to administrator permissions by modifying the configuration.
local
low complexity
zte CWE-276
8.8
2024-06-20 CVE-2023-25646 Improper Preservation of Permissions vulnerability in ZTE Zxhn H388X Firmware 10.1Agzhm1.3.1
There is an unauthorized access vulnerability in ZTE H388X.
high complexity
zte CWE-281
6.4
2024-05-14 CVE-2024-22064 Improper Initialization vulnerability in ZTE Zxun-Epdg
ZTE ZXUN-ePDG product, which serves as the network node of the VoWifi system, under by default configuration, uses a set of non-unique cryptographic keys during establishing a secure connection(IKE) with the mobile devices connecting over the internet .
low complexity
zte CWE-665
6.5