Vulnerabilities > ZTE > High

DATE CVE VULNERABILITY TITLE RISK
2020-12-21 CVE-2020-6882 Use of Hard-coded Credentials vulnerability in ZTE products
ZTE E8810/E8820/E8822 series routers have an information leak vulnerability, which is caused by hard-coded MQTT service access credentials on the device.
network
low complexity
zte CWE-798
7.5
2020-12-21 CVE-2020-6881 Origin Validation Error vulnerability in ZTE products
ZTE E8810/E8820/E8822 series routers have an MQTT DoS vulnerability, which is caused by the failure of the device to verify the validity of abnormal messages.
network
low complexity
zte CWE-346
7.5
2020-11-05 CVE-2020-6877 Unspecified vulnerability in ZTE Zxa10 Eodn Firmware 2.3P2T1
A ZTE product is impacted by an information leak vulnerability.
network
low complexity
zte
8.8
2020-06-24 CVE-2020-6870 Unspecified vulnerability in ZTE Netnumen U31 R10 Firmware V12.17.20T115
The version V12.17.20T115 of ZTE U31R20 product is impacted by a design error vulnerability.
low complexity
zte
8.0
2020-06-17 CVE-2020-6869 Unspecified vulnerability in ZTE Ztemarket APK 10.06
All versions up to 10.06 of ZTEMarket APK are impacted by an information leak vulnerability.
network
low complexity
zte
8.1
2020-06-08 CVE-2020-12695 Incorrect Default Permissions vulnerability in multiple products
The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue.
7.5
2020-02-20 CVE-2014-4019 Information Exposure vulnerability in ZTE Zxv10 W300 Firmware W300V1.0.0Azrdlk
ZTE ZXV10 W300 router with firmware W300V1.0.0a_ZRD_LK stores sensitive information under the web root with insufficient access control, which allows remote attackers to read backup files via a direct request for rom-0.
network
low complexity
zte CWE-200
7.5
2019-11-22 CVE-2019-3427 Code Injection vulnerability in ZTE Zxcdn Iamweb Firmware 6.01.03.01
The version V6.01.03.01 of ZTE ZXCDN IAMWEB product is impacted by a code injection vulnerability.
network
low complexity
zte CWE-94
7.2
2019-11-08 CVE-2019-3426 Improper Input Validation vulnerability in ZTE Zxupn-9000E Firmware
The 9000EV5.0R1B12 version, and all earlier versions of ZTE product ZXUPN-9000E are impacted by the input validation vulnerability.
network
low complexity
zte CWE-20
8.8
2019-11-08 CVE-2019-3425 Incorrect Permission Assignment for Critical Resource vulnerability in ZTE Zxupn-9000E Firmware
The 9000EV5.0R1B12 version, and all earlier versions of ZTE product ZXUPN-9000E are impacted by vulnerability of permission and access control.
network
low complexity
zte CWE-732
8.8