Zxhn F670 Firmware
Monthly
All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by cross-site scripting vulnerability (XSS). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by command injection vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by improper authorization vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by improper access control vulnerability, which may allows an unauthorized user to perform unauthorized operations on the router. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by null pointer dereference vulnerability, which may allows an attacker to cause a denial of service via appviahttp service. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by information exposure vulnerability, which may allow an unauthenticated attacker to get the GPON SN information via appviahttp. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by heap-based buffer overflow vulnerability, which may allow an attacker to execute arbitrary code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by cross-site scripting vulnerability (XSS). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by command injection vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by improper authorization vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by improper access control vulnerability, which may allows an unauthorized user to perform unauthorized operations on the router. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by null pointer dereference vulnerability, which may allows an attacker to cause a denial of service via appviahttp service. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by information exposure vulnerability, which may allow an unauthenticated attacker to get the GPON SN information via appviahttp. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by heap-based buffer overflow vulnerability, which may allow an attacker to execute arbitrary code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.