Vulnerability Details CVE-2021-21735
A ZTE product has an information leak vulnerability. Due to improper permission settings, an attacker with ordinary user permissions could exploit this vulnerability to obtain some sensitive user information through the wizard page without authentication. This affects ZXHN H168N all versions up to V3.5.0_EG1T4_TE.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 36.5%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.0
References
Products affected by CVE-2021-21735
-
cpe:2.3:h:zte:zxhn_h168n:-
-
cpe:2.3:o:zte:zxhn_h168n_firmware:-
-
cpe:2.3:o:zte:zxhn_h168n_firmware:2.2.0_pk1.2t2
-
cpe:2.3:o:zte:zxhn_h168n_firmware:2.2.0_pk1.2t5
-
cpe:2.3:o:zte:zxhn_h168n_firmware:2.2.0_pk11t
-
cpe:2.3:o:zte:zxhn_h168n_firmware:2.2.0_pk11t7
-
cpe:2.3:o:zte:zxhn_h168n_firmware:3.5.0_eg1t4_te