Vulnerabilities > ZTE > Zxiptv EPG Firmware > Critical

DATE CVE VULNERABILITY TITLE RISK
2018-07-25 CVE-2017-10934 Deserialization of Untrusted Data vulnerability in ZTE Zxiptv-Epg Firmware
All versions prior to V5.09.02.02T4 of the ZTE ZXIPTV-EPG product use the Java RMI service in which the servers use the Apache Commons Collections (ACC) library that may result in Java deserialization vulnerabilities.
network
low complexity
zte CWE-502
critical
9.8