Vulnerabilities > ZTE > Zxhn H108N R1A Firmware > High

DATE CVE VULNERABILITY TITLE RISK
2015-12-30 CVE-2015-7250 Path Traversal vulnerability in ZTE Zxhn H108N R1A Firmware Zte.Bhs.Zxhnh108Nr1A.Hpe
Absolute path traversal vulnerability in cgi-bin/webproc on ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE allows remote attackers to read arbitrary files via a full pathname in the getpage parameter.
network
low complexity
zte CWE-22
7.5
2015-12-30 CVE-2015-7248 Information Exposure vulnerability in ZTE Zxhn H108N R1A Firmware Zte.Bhs.Zxhnh108Nr1A.Hpe
ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE allow remote attackers to discover usernames and password hashes by reading the cgi-bin/webproc HTML source code, a different vulnerability than CVE-2015-8703.
network
low complexity
zte CWE-200
7.5