Skip to main content

Zte Zxunipos Nds Lte

1 CVEs product

Monthly

CVE-2026-48999 MEDIUM This Month

Stored cross-site scripting in ZTE ZXUniPOS NDS-LTE enables an authenticated high-privilege attacker to persist malicious JavaScript within the system, which executes automatically in the browsers of other users who access the affected pages. Affected versions include V24.30.40CP02 and V24.40.40 and their respective earlier releases, confirmed via ENISA EUVD-2026-32041 and ZTE's own security bulletin. No public exploit identified at time of analysis, and an EPSS score of 0.03% (9th percentile) reflects a very low automated exploitation probability.

XSS Zte Zxunipos Nds Lte
NVD
CVSS 3.1
5.7
EPSS
0.0%
EPSS 0% CVSS 5.7
MEDIUM This Month

Stored cross-site scripting in ZTE ZXUniPOS NDS-LTE enables an authenticated high-privilege attacker to persist malicious JavaScript within the system, which executes automatically in the browsers of other users who access the affected pages. Affected versions include V24.30.40CP02 and V24.40.40 and their respective earlier releases, confirmed via ENISA EUVD-2026-32041 and ZTE's own security bulletin. No public exploit identified at time of analysis, and an EPSS score of 0.03% (9th percentile) reflects a very low automated exploitation probability.

XSS Zte Zxunipos Nds Lte
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy