Vulnerabilities > ZTE > Zxv10 W300 Firmware > Critical

DATE CVE VULNERABILITY TITLE RISK
2017-08-24 CVE-2015-7258 Credentials Management vulnerability in ZTE Zxv10 W300 Firmware W300V2.1.0Fer7Peo57/W300V2.1.0Her7Peo57
ZTE ADSL ZXV10 W300 modems W300V2.1.0f_ER7_PE_O57 and W300V2.1.0h_ER7_PE_O57 allow remote authenticated users to obtain user passwords by displaying user information in a Telnet connection.
network
low complexity
zte CWE-255
critical
 9.0
9.0
2017-08-24 CVE-2015-7259 Credentials Management vulnerability in ZTE Zxv10 W300 Firmware W300V2.1.0Fer7Peo57/W300V2.1.0Her7Peo57
ZTE ADSL ZXV10 W300 modems W300V2.1.0f_ER7_PE_O57 and W300V2.1.0h_ER7_PE_O57 allow user accounts to have multiple valid username and password pairs, which allows remote authenticated users to login to a target account via any of its username and password pairs.
network
low complexity
zte CWE-255
critical
 9.0
9.0