Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2022-39072

There is a SQL injection vulnerability in Some ZTE Mobile Internet products. Due to insufficient validation of the input parameters of the SNTP interface, an authenticated attacker could use the vulnerability to execute stored XSS attacks.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 47.6%
CVSS Severity
CVSS v3 Score 5.4
Products affected by CVE-2022-39072
  • Zte » Mf286r » Version: N/A
    cpe:2.3:h:zte:mf286r:-
  • Zte » Mf289d » Version: N/A
    cpe:2.3:h:zte:mf289d:-
  • Zte » Mf286r Firmware » Version: nordic_mf286r_b06
    cpe:2.3:o:zte:mf286r_firmware:nordic_mf286r_b06
  • Zte » Mf289d Firmware » Version: cr_tmoczmf289dv1.0.0b07
    cpe:2.3:o:zte:mf289d_firmware:cr_tmoczmf289dv1.0.0b07


Products
Pricing
Contact Us

Shodan ® - All rights reserved