CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-41781

There is a Cross-site scripting (XSS) vulnerability in ZTE MF258. Due to insufficient input validation of SMS interface parameter, an XSS attack will be triggered.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 19.4%

CVSS Severity

CVSS v3 Score 5.7

References

https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1034684
https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1034684

Products affected by CVE-2023-41781

Zte » Mf258 » Version: N/A

cpe:2.3:h:zte:mf258:-
Zte » Mf258 Firmware » Version: zte_std_v1.0.0b08

cpe:2.3:o:zte:mf258_firmware:zte_std_v1.0.0b08
Zte » Mf258 Firmware » Version: zte_std_v1.0.0b10

cpe:2.3:o:zte:mf258_firmware:zte_std_v1.0.0b10

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-41781

Products

Pricing

Contact Us