High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-12-21	CVE-2020-6882	Use of Hard-coded Credentials vulnerability in ZTE products ZTE E8810/E8820/E8822 series routers have an information leak vulnerability, which is caused by hard-coded MQTT service access credentials on the device. network low complexity zte CWE-798	7.5
2020-12-21	CVE-2020-6881	Origin Validation Error vulnerability in ZTE products ZTE E8810/E8820/E8822 series routers have an MQTT DoS vulnerability, which is caused by the failure of the device to verify the validity of abnormal messages. network low complexity zte CWE-346	7.5
2020-11-05	CVE-2020-6877	Unspecified vulnerability in ZTE Zxa10 Eodn Firmware 2.3P2T1 A ZTE product is impacted by an information leak vulnerability. network low complexity zte	8.8
2020-06-24	CVE-2020-6870	Unspecified vulnerability in ZTE Netnumen U31 R10 Firmware V12.17.20T115 The version V12.17.20T115 of ZTE U31R20 product is impacted by a design error vulnerability. low complexity zte	8.0
2020-06-17	CVE-2020-6869	Unspecified vulnerability in ZTE Ztemarket APK 10.06 All versions up to 10.06 of ZTEMarket APK are impacted by an information leak vulnerability. network low complexity zte	8.1
2020-06-08	CVE-2020-12695	Incorrect Default Permissions vulnerability in multiple products The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue. network high complexity ui w1-fi asus broadcom canon cisco dlink dell epson hp huawei nec netgear ruckussecurity tp-link zte zyxel microsoft fedoraproject debian canonical CWE-276	7.5
2020-02-20	CVE-2014-4019	Information Exposure vulnerability in ZTE Zxv10 W300 Firmware W300V1.0.0Azrdlk ZTE ZXV10 W300 router with firmware W300V1.0.0a_ZRD_LK stores sensitive information under the web root with insufficient access control, which allows remote attackers to read backup files via a direct request for rom-0. network low complexity zte CWE-200	7.5
2019-11-22	CVE-2019-3427	Code Injection vulnerability in ZTE Zxcdn Iamweb Firmware 6.01.03.01 The version V6.01.03.01 of ZTE ZXCDN IAMWEB product is impacted by a code injection vulnerability. network low complexity zte CWE-94	7.2
2019-11-08	CVE-2019-3426	Improper Input Validation vulnerability in ZTE Zxupn-9000E Firmware The 9000EV5.0R1B12 version, and all earlier versions of ZTE product ZXUPN-9000E are impacted by the input validation vulnerability. network low complexity zte CWE-20	8.8
2019-11-08	CVE-2019-3425	Incorrect Permission Assignment for Critical Resource vulnerability in ZTE Zxupn-9000E Firmware The 9000EV5.0R1B12 version, and all earlier versions of ZTE product ZXUPN-9000E are impacted by vulnerability of permission and access control. network low complexity zte CWE-732	8.8