Vulnerabilities > ZTE > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-24 | CVE-2020-6870 | Unspecified vulnerability in ZTE Netnumen U31 R10 Firmware V12.17.20T115 The version V12.17.20T115 of ZTE U31R20 product is impacted by a design error vulnerability. low complexity zte | 8.0 |
| 2020-06-17 | CVE-2020-6869 | Unspecified vulnerability in ZTE Ztemarket APK 10.06 All versions up to 10.06 of ZTEMarket APK are impacted by an information leak vulnerability. | 8.1 |
| 2020-06-08 | CVE-2020-12695 | Incorrect Default Permissions vulnerability in multiple products The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue. | 7.5 |
| 2020-02-20 | CVE-2014-4019 | Information Exposure vulnerability in ZTE Zxv10 W300 Firmware W300V1.0.0Azrdlk ZTE ZXV10 W300 router with firmware W300V1.0.0a_ZRD_LK stores sensitive information under the web root with insufficient access control, which allows remote attackers to read backup files via a direct request for rom-0. | 7.5 |
| 2019-11-22 | CVE-2019-3427 | Code Injection vulnerability in ZTE Zxcdn Iamweb Firmware 6.01.03.01 The version V6.01.03.01 of ZTE ZXCDN IAMWEB product is impacted by a code injection vulnerability. | 7.2 |
| 2019-11-08 | CVE-2019-3426 | Improper Input Validation vulnerability in ZTE Zxupn-9000E Firmware The 9000EV5.0R1B12 version, and all earlier versions of ZTE product ZXUPN-9000E are impacted by the input validation vulnerability. | 8.8 |
| 2019-11-08 | CVE-2019-3425 | Incorrect Permission Assignment for Critical Resource vulnerability in ZTE Zxupn-9000E Firmware The 9000EV5.0R1B12 version, and all earlier versions of ZTE product ZXUPN-9000E are impacted by vulnerability of permission and access control. | 8.8 |
| 2019-08-15 | CVE-2019-3417 | OS Command Injection vulnerability in ZTE Zxhn F670 Firmware All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by command injection vulnerability. | 8.8 |
| 2019-06-11 | CVE-2019-3411 | Missing Authentication for Critical Function vulnerability in ZTE Mf920 Firmware All versions up to BD_R218V2.4 of ZTE MF920 product are impacted by information leak vulnerability. | 7.5 |
| 2019-06-11 | CVE-2019-3410 | Cross-Site Request Forgery (CSRF) vulnerability in ZTE Wf820+ LTE Outdoor CPE Firmware All versions up to UKBB_WF820+_1.0.0B06 of ZTE WF820+ LTE Outdoor CPE product are impacted by Cross-Site Request Forgery vulnerability,which stems from the fact that WEB applications do not adequately verify whether requests come from trusted users. | 8.8 |