Zte
Monthly
Unauthorized information disclosure in the ZTE MU5250 5G mobile router allows an adjacent-network attacker with low-privilege access to retrieve sensitive information due to misconfigured access control mechanisms. The vulnerability carries a CVSS 3.1 base score of 5.7 (Medium) with high confidentiality impact, confirmed by ZTE through their own security bulletin. No public exploit code or CISA KEV listing has been identified at time of analysis, limiting immediate mass-exploitation risk, though the high confidentiality impact (C:H) warrants timely remediation in network-sensitive deployments.
Improper permission control on the ZTE MU5250 web management interface allows an adjacent-network attacker with low-level credentials to modify device configuration beyond their authorized scope, resulting in high availability impact and low integrity impact. Affected firmware is confirmed as BD_FLYMODEMMU5250V1.0.0B27, self-disclosed by ZTE via their security bulletin. No public exploit code or CISA KEV listing exists at time of analysis, and exploitation is constrained to adjacent network access with some level of authenticated access per the CVSS vector.
Local denial-of-service vulnerability in ZTE Cloud PC client uSmartview allows authenticated local attackers to trigger memory corruption and crash the application through a use of externally-controlled format string (CWE-134). CVSS 4.7 with local attack vector and high complexity indicates limited real-world exploitability; no public exploit identified at time of analysis.
DLL hijacking in ZTE Cloud PC client uSmartView allows unauthenticated local attackers to achieve arbitrary code execution and privilege escalation by planting a malicious DLL that is loaded by uSmartViewServiceAgent.exe running with SYSTEM privileges. The vulnerability requires local access but no authentication and affects multiple ZXCloud IRAI product versions. No public exploit code or active exploitation has been confirmed at this time.
ZTE Cloud PC client uSmartview contains an OpenSSL configuration file privilege escalation vulnerability (CVE-2026-40004) that allows authenticated local attackers with user-level privileges to execute arbitrary code and escalate to higher privilege levels through a malicious openssl.cnf file. This requires physical access or local system access combined with user interaction, and affects ZTE's virtualized desktop infrastructure product. The CVSS score of 5.5 reflects the physical attack vector and additional user interaction requirement, despite the severity of code execution and cross-system scope impact.
Arbitrary memory writes via USB in ZTE ZX297520V3 BootROM allow physical attackers with USB access to bypass Secure Boot signature verification and achieve unauthorized code execution by exploiting missing target address validation in USB download mode. The vulnerability requires physical device access and user interaction (device boot into download mode), resulting in a CVSS score of 5.1, but enables complete bypass of cryptographic security mechanisms and Secure Boot protections.
Local privilege escalation in ZTE PROCESS Guard Service allows authenticated local users to escalate privileges and achieve arbitrary code execution through improper access control enforcement, affecting the cloud computer client. The vulnerability requires local access and authenticated user context but operates across system boundaries, potentially compromising system integrity. No active exploitation has been confirmed at time of analysis, though the combination of privilege escalation and RCE capability makes this a moderate-priority local threat.
Remote denial-of-service in ZTE home routers (H8102E, H168N, H167A, and 15 other models) allows unauthenticated network attackers to crash the web management interface via oversized HTTP POST request with application/x-www-form-urlencoded content, requiring physical device reboot to restore service. ZTE claims devices patched since March 2021, but operator firmware timelines vary. EPSS data not available; no active exploitation confirmed (not in CISA KEV). Publicly available exploit details exist via GitHub gist.
Remote unauthenticated attackers can retrieve plaintext administrator passwords and WLAN Pre-Shared Keys from ZTE ZXHN H298A (firmware 1.1) and H108N (firmware 2.6) routers via crafted HTTP requests to the web management interface. The vulnerability enables complete network compromise through credential theft without requiring authentication. Public exploit code exists (GitHub Gist), demonstrating active researcher interest, though no CISA KEV listing indicates targeted rather than widespread exploitation. EPSS data unavailable, but the combination of network attack vector, no authentication requirement, and credential exposure presents immediate risk to affected deployments.
Password reset vulnerability in ZTE ZXEDM iEMS cloud management portal allows authenticated attackers with low privileges to enumerate all user accounts and reset arbitrary user passwords. This authentication bypass enables unauthorized administrative operations across the entire EMS system. Attack requires user interaction and moderate complexity (CVSS AC:H), but no public exploit identified at time of analysis. CVSS 7.1 reflects high confidentiality, integrity, and availability impact within the vulnerable component's scope.
Unauthenticated credential disclosure in ZTE ZXHN H188A routers (versions V6.0.10P2_TE and V6.0.10P3N3_TE) allows local network attackers to retrieve sensitive credentials including default administrator passwords, WLAN PSK, and PPPoE credentials via the wizard interface, with some cases enabling unauthenticated configuration changes. No CVSS or EPSS data is available, and KEV status is unconfirmed; however, a publicly available technical analysis exists on GitHub indicating detailed exploitation methodology.
Improper Privilege Management vulnerability in ZTE ElasticNet UME R32 on Linux allows Accessing Functionality Not Properly Constrained by ACLs.23.20.04. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
There is an unauthorized access vulnerability in ZTE T5400. Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity. No vendor patch available.
There is an an information disclosure vulnerability in ZTE T5400. Rated low severity (CVSS 3.5), this vulnerability is low attack complexity. No vendor patch available.
There is an unauthorized access vulnerability in ZTE F50. Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity. No vendor patch available.
The ZENIC ONE R58 products by ZTE Corporation have a command injection vulnerability. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
ZTE NH8091 product has an improper permission control vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
There is a privilege escalation vulnerability in ZTE ZXR10 ZSR V2 intelligent multi service router . Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
There is a command injection vulnerability in ZTE MF258 Pro product. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Improper Privilege Management vulnerability in ZTE ZXR10 1800-2S series ,ZXR10 2800-4,ZXR10 3800-8,ZXR10 160 series on 64 bit allows Functionality Bypass.00.10 and earlier. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
The HTTPD binary in multiple ZTE routers has a local file inclusion vulnerability in session_init function. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
The HTTPD binary in multiple ZTE routers has a stack-based buffer overflow vulnerability in check_data_integrity function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The HTTPD binary in multiple ZTE routers has a stack-based buffer overflow vulnerability in webPrivateDecrypt function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The HTTPD binary in multiple ZTE routers has a stack-based buffer overflow vulnerability in rsa_decrypt function. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
There is a permission and access control vulnerability of ZTE's ZXV10 XT802/ET301 product.Attackers with common permissions can log in the terminal web and change the password of the administrator. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
ZTE ZXUN-ePDG product, which serves as the network node of the VoWifi system, under by default configuration, uses a set of non-unique cryptographic keys during establishing a secure connection(IKE). Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
There is a Cross-site scripting (XSS) vulnerability in ZTE MF258. Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity. No vendor patch available.
There is a DLL hijacking vulnerability in ZTE ZXCLOUD iRAI, an attacker could place a fake DLL file in a specific directory and successfully exploit this vulnerability to execute malicious code. Rated low severity (CVSS 3.9), this vulnerability is low attack complexity. No vendor patch available.
Permissions and Access Control Vulnerability in ZTE Red Magic 8 Pro. Rated medium severity (CVSS 6.6). No vendor patch available.
There is a command injection vulnerability of ZTE's ZXCLOUD iRAI. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
There is an unsafe DLL loading vulnerability in ZTE ZXCLOUD iRAI. Rated medium severity (CVSS 6.4). No vendor patch available.
There is an illegal memory access vulnerability of ZTE's ZXCLOUD iRAI product.When the vulnerability is exploited by an attacker with the common user permission, the physical machine will be crashed. Rated medium severity (CVSS 4.4). No vendor patch available.
There is a local privilege escalation vulnerability of ZTE's ZXCLOUD iRAI.Attackers with regular user privileges can create a fake process, and to escalate local privileges. Rated medium severity (CVSS 6.7). No vendor patch available.
There is a denial of service vulnerability in some ZTE mobile internet products. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
There is a command injection vulnerability in some ZTE mobile internet products. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
There is a buffer overflow vulnerability in some ZTE mobile internet producsts. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
There is a SQL injection vulnerability in some ZTE mobile internet products. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. No vendor patch available.
There is a weak folder permission vulnerability in ZTE's ZXCLOUD iRAI product. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
There is a command injection vulnerability in a mobile internet product of ZTE. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
There is a permission and access control vulnerability in some ZTE mobile phones. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
There is a permission and access control vulnerability in some ZTE AndroidTV STBs. Rated high severity (CVSS 7.7), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
ZTE ZXHN-H108NS router with firmware version H108NSV1.0.7u_ZRD_GR2_A68 is vulnerable to remote stack buffer overflow. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
ZTE OTCP product is impacted by a permission and access control vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
There is an access control vulnerability in some ZTE PON OLT products. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
There is a buffer overflow vulnerability in ZTE MF286R. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
There is a SQL injection vulnerability in ZTE MF286R. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
There is a SQL injection vulnerability in ZTE ZAIP-AIE. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
There is a broken access control vulnerability in ZTE ZXvSTB product. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
ZTE's MF297D product has cryptographic issues vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
ZTE's ZXMP M721 product has a permission and access control vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
ZTE's ZXCDN product has a reflective XSS vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
There is a stored XSS vulnerability in ZTE home gateway product. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
There is a directory traversal vulnerability in some home gateway products of ZTE. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
ZTE BigVideo analysis product has an input verification vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
ZTE BigVideo Analysis product has a privilege escalation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
ZTE MF971R product has two stack-based buffer overflow vulnerabilities. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
ZTE MF971R product has two stack-based buffer overflow vulnerabilities. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
ZTE MF971R product has a Referer authentication bypass vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
ZTE MF971R product has a configuration file control vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
ZTE MF971R product has a CRLF injection vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
ZTE MF971R product has reflective XSS vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
ZTE MF971R product has reflective XSS vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
There is an information leak vulnerability in the message service app of a ZTE mobile phone. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
There is a command execution vulnerability in a ZTE conference management system. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
There is an information leak vulnerability in the digital media player (DMS) of ZTE's residential gateway product. Rated low severity (CVSS 2.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
A ZTE's product of the transport network access layer has a security vulnerability. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
ZTE's big video business platform has two reflective cross-site scripting (XSS) vulnerabilities. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A smart STB product of ZTE is impacted by a permission and access control vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A smart camera product of ZTE is impacted by a permission and access control vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
A ZTE product has an information leak vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Some PON MDU devices of ZTE stored sensitive information in plaintext, and users with login authority can obtain it by inputing command. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
A mobile phone of ZTE is impacted by improper access control vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A CSRF vulnerability exists in the management page of a ZTE product.The vulnerability is caused because the management page does not fully verify whether the request comes from a trusted user. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A ZTE product is impacted by improper access control vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Some ZTE products have CSRF vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A ZTE product has a configuration error vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A ZTE product has a DoS vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Some ZTE products have an input verification vulnerability in the diagnostic function interface. Rated low severity (CVSS 2.3), this vulnerability is low attack complexity. No vendor patch available.
A ZTE product has an information leak vulnerability. Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity. No vendor patch available.
A ZTE product has a memory leak vulnerability. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.
Some ZTE products have a DoS vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A ZTE Smart STB is impacted by an information leak vulnerability. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.
ZTE E8810/E8820/E8822 series routers have an information leak vulnerability, which is caused by hard-coded MQTT service access credentials on the device. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
ZTE E8810/E8820/E8822 series routers have an MQTT DoS vulnerability, which is caused by the failure of the device to verify the validity of abnormal messages. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Some ZTE devices have input verification vulnerabilities. Rated low severity (CVSS 3.5), this vulnerability is low attack complexity. No vendor patch available.
A ZTE product is impacted by an information leak vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
A ZTE product is impacted by an XSS vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
A ZTE product is impacted by the improper access control vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A ZTE product is impacted by the cryptographic issues vulnerability. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A ZTE product has a DoS vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Unauthorized information disclosure in the ZTE MU5250 5G mobile router allows an adjacent-network attacker with low-privilege access to retrieve sensitive information due to misconfigured access control mechanisms. The vulnerability carries a CVSS 3.1 base score of 5.7 (Medium) with high confidentiality impact, confirmed by ZTE through their own security bulletin. No public exploit code or CISA KEV listing has been identified at time of analysis, limiting immediate mass-exploitation risk, though the high confidentiality impact (C:H) warrants timely remediation in network-sensitive deployments.
Improper permission control on the ZTE MU5250 web management interface allows an adjacent-network attacker with low-level credentials to modify device configuration beyond their authorized scope, resulting in high availability impact and low integrity impact. Affected firmware is confirmed as BD_FLYMODEMMU5250V1.0.0B27, self-disclosed by ZTE via their security bulletin. No public exploit code or CISA KEV listing exists at time of analysis, and exploitation is constrained to adjacent network access with some level of authenticated access per the CVSS vector.
Local denial-of-service vulnerability in ZTE Cloud PC client uSmartview allows authenticated local attackers to trigger memory corruption and crash the application through a use of externally-controlled format string (CWE-134). CVSS 4.7 with local attack vector and high complexity indicates limited real-world exploitability; no public exploit identified at time of analysis.
DLL hijacking in ZTE Cloud PC client uSmartView allows unauthenticated local attackers to achieve arbitrary code execution and privilege escalation by planting a malicious DLL that is loaded by uSmartViewServiceAgent.exe running with SYSTEM privileges. The vulnerability requires local access but no authentication and affects multiple ZXCloud IRAI product versions. No public exploit code or active exploitation has been confirmed at this time.
ZTE Cloud PC client uSmartview contains an OpenSSL configuration file privilege escalation vulnerability (CVE-2026-40004) that allows authenticated local attackers with user-level privileges to execute arbitrary code and escalate to higher privilege levels through a malicious openssl.cnf file. This requires physical access or local system access combined with user interaction, and affects ZTE's virtualized desktop infrastructure product. The CVSS score of 5.5 reflects the physical attack vector and additional user interaction requirement, despite the severity of code execution and cross-system scope impact.
Arbitrary memory writes via USB in ZTE ZX297520V3 BootROM allow physical attackers with USB access to bypass Secure Boot signature verification and achieve unauthorized code execution by exploiting missing target address validation in USB download mode. The vulnerability requires physical device access and user interaction (device boot into download mode), resulting in a CVSS score of 5.1, but enables complete bypass of cryptographic security mechanisms and Secure Boot protections.
Local privilege escalation in ZTE PROCESS Guard Service allows authenticated local users to escalate privileges and achieve arbitrary code execution through improper access control enforcement, affecting the cloud computer client. The vulnerability requires local access and authenticated user context but operates across system boundaries, potentially compromising system integrity. No active exploitation has been confirmed at time of analysis, though the combination of privilege escalation and RCE capability makes this a moderate-priority local threat.
Remote denial-of-service in ZTE home routers (H8102E, H168N, H167A, and 15 other models) allows unauthenticated network attackers to crash the web management interface via oversized HTTP POST request with application/x-www-form-urlencoded content, requiring physical device reboot to restore service. ZTE claims devices patched since March 2021, but operator firmware timelines vary. EPSS data not available; no active exploitation confirmed (not in CISA KEV). Publicly available exploit details exist via GitHub gist.
Remote unauthenticated attackers can retrieve plaintext administrator passwords and WLAN Pre-Shared Keys from ZTE ZXHN H298A (firmware 1.1) and H108N (firmware 2.6) routers via crafted HTTP requests to the web management interface. The vulnerability enables complete network compromise through credential theft without requiring authentication. Public exploit code exists (GitHub Gist), demonstrating active researcher interest, though no CISA KEV listing indicates targeted rather than widespread exploitation. EPSS data unavailable, but the combination of network attack vector, no authentication requirement, and credential exposure presents immediate risk to affected deployments.
Password reset vulnerability in ZTE ZXEDM iEMS cloud management portal allows authenticated attackers with low privileges to enumerate all user accounts and reset arbitrary user passwords. This authentication bypass enables unauthorized administrative operations across the entire EMS system. Attack requires user interaction and moderate complexity (CVSS AC:H), but no public exploit identified at time of analysis. CVSS 7.1 reflects high confidentiality, integrity, and availability impact within the vulnerable component's scope.
Unauthenticated credential disclosure in ZTE ZXHN H188A routers (versions V6.0.10P2_TE and V6.0.10P3N3_TE) allows local network attackers to retrieve sensitive credentials including default administrator passwords, WLAN PSK, and PPPoE credentials via the wizard interface, with some cases enabling unauthenticated configuration changes. No CVSS or EPSS data is available, and KEV status is unconfirmed; however, a publicly available technical analysis exists on GitHub indicating detailed exploitation methodology.
Improper Privilege Management vulnerability in ZTE ElasticNet UME R32 on Linux allows Accessing Functionality Not Properly Constrained by ACLs.23.20.04. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
There is an unauthorized access vulnerability in ZTE T5400. Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity. No vendor patch available.
There is an an information disclosure vulnerability in ZTE T5400. Rated low severity (CVSS 3.5), this vulnerability is low attack complexity. No vendor patch available.
There is an unauthorized access vulnerability in ZTE F50. Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity. No vendor patch available.
The ZENIC ONE R58 products by ZTE Corporation have a command injection vulnerability. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
ZTE NH8091 product has an improper permission control vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
There is a privilege escalation vulnerability in ZTE ZXR10 ZSR V2 intelligent multi service router . Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
There is a command injection vulnerability in ZTE MF258 Pro product. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Improper Privilege Management vulnerability in ZTE ZXR10 1800-2S series ,ZXR10 2800-4,ZXR10 3800-8,ZXR10 160 series on 64 bit allows Functionality Bypass.00.10 and earlier. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
The HTTPD binary in multiple ZTE routers has a local file inclusion vulnerability in session_init function. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
The HTTPD binary in multiple ZTE routers has a stack-based buffer overflow vulnerability in check_data_integrity function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The HTTPD binary in multiple ZTE routers has a stack-based buffer overflow vulnerability in webPrivateDecrypt function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The HTTPD binary in multiple ZTE routers has a stack-based buffer overflow vulnerability in rsa_decrypt function. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
There is a permission and access control vulnerability of ZTE's ZXV10 XT802/ET301 product.Attackers with common permissions can log in the terminal web and change the password of the administrator. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
ZTE ZXUN-ePDG product, which serves as the network node of the VoWifi system, under by default configuration, uses a set of non-unique cryptographic keys during establishing a secure connection(IKE). Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
There is a Cross-site scripting (XSS) vulnerability in ZTE MF258. Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity. No vendor patch available.
There is a DLL hijacking vulnerability in ZTE ZXCLOUD iRAI, an attacker could place a fake DLL file in a specific directory and successfully exploit this vulnerability to execute malicious code. Rated low severity (CVSS 3.9), this vulnerability is low attack complexity. No vendor patch available.
Permissions and Access Control Vulnerability in ZTE Red Magic 8 Pro. Rated medium severity (CVSS 6.6). No vendor patch available.
There is a command injection vulnerability of ZTE's ZXCLOUD iRAI. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
There is an unsafe DLL loading vulnerability in ZTE ZXCLOUD iRAI. Rated medium severity (CVSS 6.4). No vendor patch available.
There is an illegal memory access vulnerability of ZTE's ZXCLOUD iRAI product.When the vulnerability is exploited by an attacker with the common user permission, the physical machine will be crashed. Rated medium severity (CVSS 4.4). No vendor patch available.
There is a local privilege escalation vulnerability of ZTE's ZXCLOUD iRAI.Attackers with regular user privileges can create a fake process, and to escalate local privileges. Rated medium severity (CVSS 6.7). No vendor patch available.
There is a denial of service vulnerability in some ZTE mobile internet products. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
There is a command injection vulnerability in some ZTE mobile internet products. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
There is a buffer overflow vulnerability in some ZTE mobile internet producsts. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
There is a SQL injection vulnerability in some ZTE mobile internet products. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. No vendor patch available.
There is a weak folder permission vulnerability in ZTE's ZXCLOUD iRAI product. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
There is a command injection vulnerability in a mobile internet product of ZTE. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
There is a permission and access control vulnerability in some ZTE mobile phones. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
There is a permission and access control vulnerability in some ZTE AndroidTV STBs. Rated high severity (CVSS 7.7), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
ZTE ZXHN-H108NS router with firmware version H108NSV1.0.7u_ZRD_GR2_A68 is vulnerable to remote stack buffer overflow. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
ZTE OTCP product is impacted by a permission and access control vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
There is an access control vulnerability in some ZTE PON OLT products. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
There is a buffer overflow vulnerability in ZTE MF286R. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
There is a SQL injection vulnerability in ZTE MF286R. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
There is a SQL injection vulnerability in ZTE ZAIP-AIE. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
There is a broken access control vulnerability in ZTE ZXvSTB product. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
ZTE's MF297D product has cryptographic issues vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
ZTE's ZXMP M721 product has a permission and access control vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
ZTE's ZXCDN product has a reflective XSS vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
There is a stored XSS vulnerability in ZTE home gateway product. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
There is a directory traversal vulnerability in some home gateway products of ZTE. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
ZTE BigVideo analysis product has an input verification vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
ZTE BigVideo Analysis product has a privilege escalation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
ZTE MF971R product has two stack-based buffer overflow vulnerabilities. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
ZTE MF971R product has two stack-based buffer overflow vulnerabilities. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
ZTE MF971R product has a Referer authentication bypass vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
ZTE MF971R product has a configuration file control vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
ZTE MF971R product has a CRLF injection vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
ZTE MF971R product has reflective XSS vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
ZTE MF971R product has reflective XSS vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
There is an information leak vulnerability in the message service app of a ZTE mobile phone. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
There is a command execution vulnerability in a ZTE conference management system. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
There is an information leak vulnerability in the digital media player (DMS) of ZTE's residential gateway product. Rated low severity (CVSS 2.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
A ZTE's product of the transport network access layer has a security vulnerability. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
ZTE's big video business platform has two reflective cross-site scripting (XSS) vulnerabilities. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A smart STB product of ZTE is impacted by a permission and access control vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A smart camera product of ZTE is impacted by a permission and access control vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
A ZTE product has an information leak vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Some PON MDU devices of ZTE stored sensitive information in plaintext, and users with login authority can obtain it by inputing command. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
A mobile phone of ZTE is impacted by improper access control vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A CSRF vulnerability exists in the management page of a ZTE product.The vulnerability is caused because the management page does not fully verify whether the request comes from a trusted user. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A ZTE product is impacted by improper access control vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Some ZTE products have CSRF vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A ZTE product has a configuration error vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A ZTE product has a DoS vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Some ZTE products have an input verification vulnerability in the diagnostic function interface. Rated low severity (CVSS 2.3), this vulnerability is low attack complexity. No vendor patch available.
A ZTE product has an information leak vulnerability. Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity. No vendor patch available.
A ZTE product has a memory leak vulnerability. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.
Some ZTE products have a DoS vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A ZTE Smart STB is impacted by an information leak vulnerability. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.
ZTE E8810/E8820/E8822 series routers have an information leak vulnerability, which is caused by hard-coded MQTT service access credentials on the device. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
ZTE E8810/E8820/E8822 series routers have an MQTT DoS vulnerability, which is caused by the failure of the device to verify the validity of abnormal messages. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Some ZTE devices have input verification vulnerabilities. Rated low severity (CVSS 3.5), this vulnerability is low attack complexity. No vendor patch available.
A ZTE product is impacted by an information leak vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
A ZTE product is impacted by an XSS vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
A ZTE product is impacted by the improper access control vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A ZTE product is impacted by the cryptographic issues vulnerability. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A ZTE product has a DoS vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.