CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-21745

ZTE MF971R product has a Referer authentication bypass vulnerability. Without CSRF verification, an attackercould use this vulnerability to perform illegal authorization operations by sending a request to the user to click.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.406

EPSS Ranking 97.2%

CVSS Severity

CVSS v3 Score 4.3

CVSS v2 Score 4.3

References

https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1019764
https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1019764

Products affected by CVE-2021-21745

Zte » Mf971r » Version: N/A

cpe:2.3:h:zte:mf971r:-
Zte » Mf971r Firmware » Version: 1v1.0.0b06

cpe:2.3:o:zte:mf971r_firmware:1v1.0.0b06
Zte » Mf971r Firmware » Version: 2v1.0.0b03

cpe:2.3:o:zte:mf971r_firmware:2v1.0.0b03
Zte » Mf971r Firmware » Version: s2v1.0.0b03

cpe:2.3:o:zte:mf971r_firmware:s2v1.0.0b03
Zte » Mf971r Firmware » Version: sv1.0.0b05

cpe:2.3:o:zte:mf971r_firmware:sv1.0.0b05
Zte » Mf971r Firmware » Version: v1.0.0b05

cpe:2.3:o:zte:mf971r_firmware:v1.0.0b05

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-21745

Products

Pricing

Contact Us