Vulnerabilities > ZTE > Zxv10 W300 Firmware > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-08-24 | CVE-2015-7257 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in ZTE Zxv10 W300 Firmware W300V2.1.0Fer7Peo57/W300V2.1.0Her7Peo57 ZTE ADSL ZXV10 W300 modems W300V2.1.0f_ER7_PE_O57 and W300V2.1.0h_ER7_PE_O57 allow remote authenticated non-administrator users to change the admin password by intercepting an outgoing password change request, and changing the username parameter from "support" to "admin". | 8.5 |
2014-07-16 | CVE-2014-4018 | Credentials Management vulnerability in ZTE Zxv10 W300 and Zxv10 W300 Firmware The ZTE ZXV10 W300 router with firmware W300V1.0.0a_ZRD_LK has a default password of admin for the admin account, which makes it easier for remote attackers to obtain access via unspecified vectors. | 7.8 |