Skip to main content

Zxv10 W300

5 CVEs product

Monthly

CVE-2020-12695 HIGH This Week

The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Privilege Escalation Unifi Controller Hostapd Rt N11 Adsl +213
NVD GitHub
CVSS 3.1
7.5
EPSS
15.2%
CVE-2014-4154 MEDIUM POC This Month

ZTE ZXV10 W300 router with firmware W300V1.0.0a_ZRD_LK stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain the PPPoE/PPPoA. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Zte Zxv10 W300 Firmware Zxv10 W300
NVD Exploit-DB
CVSS 2.0
5.0
EPSS
8.7%
CVE-2014-4018 HIGH POC This Week

The ZTE ZXV10 W300 router with firmware W300V1.0.0a_ZRD_LK has a default password of admin for the admin account, which makes it easier for remote attackers to obtain access via unspecified vectors. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Zte Authentication Bypass Zxv10 W300 Firmware Zxv10 W300
NVD Exploit-DB
CVSS 2.0
7.8
EPSS
6.2%
CVE-2014-4155 MEDIUM POC This Month

Cross-site request forgery (CSRF) vulnerability in the ZTE ZXV10 W300 router with firmware W300V1.0.0a_ZRD_LK allows remote attackers to hijack the authentication of administrators for requests that. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

CSRF Zte Zxv10 W300 Firmware Zxv10 W300
NVD Exploit-DB
CVSS 2.0
6.8
EPSS
0.3%
CVE-2014-0329 CRITICAL POC THREAT Emergency

The TELNET service on the ZTE ZXV10 W300 router 2.1.0 has a hardcoded password ending with airocon for the admin account, which allows remote attackers to obtain administrative access by leveraging. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 25.0%.

Zte Authentication Bypass Zxv10 W300
NVD Exploit-DB
CVSS 2.0
9.3
EPSS
25.0%
Threat
4.1
EPSS 15% CVSS 7.5
HIGH This Week

The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Privilege Escalation Unifi Controller Hostapd +215
NVD GitHub
EPSS 9% CVSS 5.0
MEDIUM POC This Month

ZTE ZXV10 W300 router with firmware W300V1.0.0a_ZRD_LK stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain the PPPoE/PPPoA. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Zte Zxv10 W300 Firmware +1
NVD Exploit-DB
EPSS 6% CVSS 7.8
HIGH POC This Week

The ZTE ZXV10 W300 router with firmware W300V1.0.0a_ZRD_LK has a default password of admin for the admin account, which makes it easier for remote attackers to obtain access via unspecified vectors. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Zte Authentication Bypass Zxv10 W300 Firmware +1
NVD Exploit-DB
EPSS 0% CVSS 6.8
MEDIUM POC This Month

Cross-site request forgery (CSRF) vulnerability in the ZTE ZXV10 W300 router with firmware W300V1.0.0a_ZRD_LK allows remote attackers to hijack the authentication of administrators for requests that. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

CSRF Zte Zxv10 W300 Firmware +1
NVD Exploit-DB
EPSS 25% 4.1 CVSS 9.3
CRITICAL POC THREAT Emergency

The TELNET service on the ZTE ZXV10 W300 router 2.1.0 has a hardcoded password ending with airocon for the admin account, which allows remote attackers to obtain administrative access by leveraging. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 25.0%.

Zte Authentication Bypass Zxv10 W300
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy