Vulnerability Details CVE-2018-7358
ZTE ZXHN H168N product with versions V2.2.0_PK1.2T5, V2.2.0_PK1.2T2, V2.2.0_PK11T7 and V2.2.0_PK11T have an improper change control vulnerability, which may allow an unauthorized user to perform unauthorized operations.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.39
EPSS Ranking 97.1%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 5.8
References
- http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1009523
- http://www.securityfocus.com/bid/105963
- https://www.exploit-db.com/exploits/45972/
- http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1009523
- http://www.securityfocus.com/bid/105963
- https://www.exploit-db.com/exploits/45972/
Products affected by CVE-2018-7358
-
cpe:2.3:h:zte:zxhn_h168n:-
-
cpe:2.3:o:zte:zxhn_h168n_firmware:2.2.0_pk1.2t2
-
cpe:2.3:o:zte:zxhn_h168n_firmware:2.2.0_pk1.2t5
-
cpe:2.3:o:zte:zxhn_h168n_firmware:2.2.0_pk11t
-
cpe:2.3:o:zte:zxhn_h168n_firmware:2.2.0_pk11t7