Vulnerability Details CVE-2023-22920
A security misconfiguration vulnerability exists in the Zyxel LTE3316-M604 firmware version V2.00(ABMP.6)C0 due to a factory default misconfiguration intended for testing purposes. A remote attacker could leverage this vulnerability to access an affected device using Telnet.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 71.5%
CVSS Severity
CVSS v3 Score 9.8
References
- https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-security-misconfiguration-vulnerability-of-4g-lte-indoor-routers
- https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-security-misconfiguration-vulnerability-of-4g-lte-indoor-routers
Products affected by CVE-2023-22920
-
cpe:2.3:h:zyxel:lte3202-m437:-
-
cpe:2.3:h:zyxel:lte3316-m604:-
-
cpe:2.3:o:zyxel:lte3202-m437_firmware:1.00(abwf.1)c0
-
cpe:2.3:o:zyxel:lte3316-m604_firmware:2.00(abmp.6)c0