163
CVEs
23
Critical
58
High
0
KEV
35
PoC
81
Unpatched C/H
0.0%
Patch Rate
4.8%
Avg EPSS
Severity Breakdown
CRITICAL
23
HIGH
58
MEDIUM
76
LOW
6
Monthly CVE Trend
Affected Products (30)
Zxcloud Irai
8
Mf971R Firmware
7
Zxhn F670 Firmware
7
Zxv10 W300 Firmware
7
Zxhn H108N R1A Firmware
6
Zxhn H168N Firmware
5
Zxdsl
4
Zxv10 W300
4
Mf286R Firmware
4
Zte Zmax Champ Firmware
3
Mc801A1 Firmware
3
Zxcloud Goldendata Vap
3
Mc801A Firmware
3
Zxhn H108N Firmware
3
Zxiptv Firmware
2
Zxr10 2800 4 Firmware
2
Zxr10 1800 2S Firmware
2
Zxdsl 831Cii
2
Zxhn E8820 Firmware
2
Zxr10 3800 8 Firmware
2
Zxhn E8822 Firmware
2
Zxv10 B860A Firmware
2
Otcp Firmware
2
E8820V3 Firmware
2
R8500G4 Firmware
2
Zxr10 160 Firmware
2
Zxa10 C300M Firmware
2
Zxdsl 831
2
Zxupn 9000E Firmware
2
Wf820 Lte Outdoor Cpe Firmware
2
Top Risky CVEs
| CVE | Summary | Severity | CVSS | EPSS | Priority | Signals |
|---|---|---|---|---|---|---|
| CVE-2014-2321 | web_shell_cmd.gch on ZTE F460 and F660 cable modems allows remote attackers to obtain administrative access via sendcmd requests, as demonstrated by using "set TelnetCfg" commands to enable a TELNET. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 92.0%. | CRITICAL | 10.0 | 92.0% | 162 |
PoC
No patch
|
| CVE-2015-7251 | ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE have a hardcoded password of root for the root account, which allows remote attackers to obtain administrative access via a TELNET session. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 38.8%. | CRITICAL | 9.8 | 38.8% | 108 |
PoC
No patch
|
| CVE-2015-7259 | ZTE ADSL ZXV10 W300 modems W300V2.1.0f_ER7_PE_O57 and W300V2.1.0h_ER7_PE_O57 allow user accounts to have multiple valid username and password pairs, which allows remote authenticated users to login. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 33.3%. | HIGH | 8.8 | 33.3% | 97 |
PoC
No patch
|
| CVE-2015-7258 | ZTE ADSL ZXV10 W300 modems W300V2.1.0f_ER7_PE_O57 and W300V2.1.0h_ER7_PE_O57 allow remote authenticated users to obtain user passwords by displaying user information in a Telnet connection. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 32.6%. | HIGH | 8.8 | 32.6% | 97 |
PoC
No patch
|
| CVE-2015-7248 | ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE allow remote attackers to discover usernames and password hashes by reading the cgi-bin/webproc HTML source code, a different vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 35.4%. | HIGH | 7.5 | 35.4% | 93 |
PoC
No patch
|
| CVE-2014-0329 | The TELNET service on the ZTE ZXV10 W300 router 2.1.0 has a hardcoded password ending with airocon for the admin account, which allows remote attackers to obtain administrative access by leveraging. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 25.0%. | CRITICAL | 9.3 | 25.0% | 92 |
PoC
No patch
|
| CVE-2015-7250 | Absolute path traversal vulnerability in cgi-bin/webproc on ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE allows remote attackers to read arbitrary files via a full pathname in the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 20.2%. | HIGH | 7.5 | 20.2% | 78 |
PoC
No patch
|
| CVE-2017-16953 | connoppp.cgi on ZTE ZXDSL 831CII devices does not require HTTP Basic Authentication, which allows remote attackers to modify the PPPoE configuration or set up a malicious configuration via a GET. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 18.1%. | HIGH | 7.5 | 18.1% | 76 |
PoC
No patch
|
| CVE-2015-7252 | Cross-site scripting (XSS) vulnerability in cgi-bin/webproc on ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE allows remote attackers to inject arbitrary web script or HTML via the. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 24.0%. | MEDIUM | 6.1 | 24.0% | 75 |
PoC
No patch
|
| CVE-2015-7257 | ZTE ADSL ZXV10 W300 modems W300V2.1.0f_ER7_PE_O57 and W300V2.1.0h_ER7_PE_O57 allow remote authenticated non-administrator users to change the admin password by intercepting an outgoing password. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 16.7%. | HIGH | 7.5 | 16.7% | 74 |
PoC
No patch
|
| CVE-2018-7364 | All versions up to ZXINOS-RESV1.01.43 of the ZTE ZXIN10 product European region are impacted by improper access control vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available. | CRITICAL | 9.8 | 10.3% | 69 |
PoC
No patch
|
| CVE-2014-4018 | The ZTE ZXV10 W300 router with firmware W300V1.0.0a_ZRD_LK has a default password of admin for the admin account, which makes it easier for remote attackers to obtain access via unspecified vectors. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available. | HIGH | 7.8 | 6.2% | 65 |
PoC
No patch
|
| CVE-2018-7357 | ZTE ZXHN H168N product with versions V2.2.0_PK1.2T5, V2.2.0_PK1.2T2, V2.2.0_PK11T7 and V2.2.0_PK11T have an improper access control vulnerability, which may allow an unauthorized user to gain. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available. | HIGH | 8.8 | 87.9% | 64 |
PoC
No patch
|
| CVE-2018-7358 | ZTE ZXHN H168N product with versions V2.2.0_PK1.2T5, V2.2.0_PK1.2T2, V2.2.0_PK11T7 and V2.2.0_PK11T have an improper change control vulnerability, which may allow an unauthorized user to perform. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available. | HIGH | 8.8 | 89.6% | 64 |
PoC
No patch
|
| CVE-2017-10932 | All versions prior to V12.17.20 of the ZTE Microwave NR8000 series products - NR8120, NR8120A, NR8120, NR8150, NR8250, NR8000 TR and NR8950 are the applications of C/S architecture using the Java RMI. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 13.8% and no vendor patch available. | CRITICAL | 9.8 | 13.8% | 63 |
No patch
|