CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-22065

There is a command injection vulnerability in ZTE MF258 Pro product. Due to insufficient validation of Ping Diagnosis interface parameter, an authenticated attacker could use the vulnerability to execute arbitrary commands.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 59.3%

CVSS Severity

CVSS v3 Score 6.8

References

https://support.zte.com.cn/zte-iccp-isupport-webui/bulletin/detail/1171513586716225572

Products affected by CVE-2024-22065

Zte » Mf258k Pro » Version: N/A

cpe:2.3:h:zte:mf258k_pro:-
Zte » Mf258k Pro Firmware » Version: 1.0.0b03

cpe:2.3:o:zte:mf258k_pro_firmware:1.0.0b03

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-22065

Products

Pricing

Contact Us