Zxedm Iems

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2026-40436 HIGH This Week

Password reset vulnerability in ZTE ZXEDM iEMS cloud management portal allows authenticated attackers with low privileges to enumerate all user accounts and reset arbitrary user passwords. This authentication bypass enables unauthorized administrative operations across the entire EMS system. Attack requires user interaction and moderate complexity (CVSS AC:H), but no public exploit identified at time of analysis. CVSS 7.1 reflects high confidentiality, integrity, and availability impact within the vulnerable component's scope.

Authentication Bypass Zte Zxedm Iems

NVD VulDB

CVSS 3.1

7.1

CVE-2026-40436

CVSS 7.1

HIGH This Week

Password reset vulnerability in ZTE ZXEDM iEMS cloud management portal allows authenticated attackers with low privileges to enumerate all user accounts and reset arbitrary user passwords. This authentication bypass enables unauthorized administrative operations across the entire EMS system. Attack requires user interaction and moderate complexity (CVSS AC:H), but no public exploit identified at time of analysis. CVSS 7.1 reflects high confidentiality, integrity, and availability impact within the vulnerable component's scope.

Authentication Bypass Zte Zxedm Iems

NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy