Vulnerabilities > ZTE > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-03-30 CVE-2022-23136 Cross-site Scripting vulnerability in ZTE Zxhn F680 Firmware 6.0.10P3N20
There is a stored XSS vulnerability in ZTE home gateway product.
network
low complexity
zte CWE-79
5.4
5.4
2022-02-24 CVE-2022-23135 Path Traversal vulnerability in ZTE Zxhn F477 Firmware and Zxhn F677 Firmware
There is a directory traversal vulnerability in some home gateway products of ZTE.
network
low complexity
zte CWE-22
6.5
6.5
2021-10-20 CVE-2021-21743 Injection vulnerability in ZTE Mf971R Firmware
ZTE MF971R product has a CRLF injection vulnerability.
network
low complexity
zte CWE-74
4.3
4.3
2021-10-20 CVE-2021-21745 Cross-Site Request Forgery (CSRF) vulnerability in ZTE Mf971R Firmware
ZTE MF971R product has a Referer authentication bypass vulnerability.
network
low complexity
zte CWE-352
4.3
4.3
2021-10-20 CVE-2021-21746 Cross-site Scripting vulnerability in ZTE Mf971R Firmware
ZTE MF971R product has reflective XSS vulnerability.
network
low complexity
zte CWE-79
6.1
6.1
2021-10-20 CVE-2021-21747 Cross-site Scripting vulnerability in ZTE Mf971R Firmware
ZTE MF971R product has reflective XSS vulnerability.
network
low complexity
zte CWE-79
6.1
6.1
2021-09-25 CVE-2021-21742 Unspecified vulnerability in ZTE Axon 30 PRO Message Service 5.3.1.2103091059
There is an information leak vulnerability in the message service app of a ZTE mobile phone.
local
low complexity
zte
5.5
5.5
2021-08-05 CVE-2021-21738 Cross-site Scripting vulnerability in ZTE Zxiptv Firmware Zxiptveaspv5.06.04.09
ZTE's big video business platform has two reflective cross-site scripting (XSS) vulnerabilities.
network
low complexity
zte CWE-79
6.1
6.1
2021-08-05 CVE-2021-21739 Insufficient Verification of Data Authenticity vulnerability in ZTE Zxctn 6120H Firmware 5.10.00B24
A ZTE's product of the transport network access layer has a security vulnerability.
low complexity
zte CWE-345
4.6
4.6
2021-06-10 CVE-2021-21735 Improper Preservation of Permissions vulnerability in ZTE Zxhn H168N Firmware
A ZTE product has an information leak vulnerability.
network
low complexity
zte CWE-281
6.5
6.5