Zte: Security Vulnerabilities
Improper Privilege Management vulnerability in ZTE GoldenDB allows Privilege Escalation.This issue affects GoldenDB: from 6.1.03 through 6.1.03.04.
CVSS Score
4.3
EPSS Score
0.0
Published
2025-03-11
Improper Privilege Management vulnerability in ZTE GoldenDB allows Privilege Escalation.This issue affects GoldenDB: from 6.1.03 through 6.1.03.05.
CVSS Score
6.4
EPSS Score
0.0
Published
2025-03-11
The ZENIC ONE R58 products by ZTE Corporation have a command injection vulnerability. An authenticated attacker can exploit this vulnerability to tamper with messages, inject malicious code, and subsequently launch attacks on related devices.
CVSS Score
7.6
EPSS Score
0.001
Published
2024-12-30
ZTE NH8091 product has an improper permission control vulnerability. Due to improper permission control of the Web module interface, an authenticated attacker may exploit the vulnerability to execute arbitrary commands.
CVSS Score
6.8
EPSS Score
0.001
Published
2024-11-18
There is a privilege escalation vulnerability in ZTE ZXR10 ZSR V2 intelligent multi service router . An authenticated attacker could use the vulnerability to obtain sensitive information about the device.
CVSS Score
7.5
EPSS Score
0.001
Published
2024-10-29
There is a command injection vulnerability in ZTE MF258 Pro product. Due to insufficient validation of Ping Diagnosis interface parameter, an authenticated attacker could use the vulnerability to execute arbitrary commands.
CVSS Score
6.8
EPSS Score
0.004
Published
2024-10-29
The wireless router WRTM326 from SECOM does not properly validate a specific parameter. An unauthenticated remote attacker could execute arbitrary system commands by sending crafted requests.
CVSS Score
9.8
EPSS Score
0.001
Published
2024-10-18
Improper Privilege Management vulnerability in ZTE ZXR10 1800-2S series ,ZXR10 2800-4,ZXR10 3800-8,ZXR10 160 series on 64 bit allows Functionality Bypass.This issue affects ZXR10 1800-2S series ,ZXR10 2800-4,ZXR10 3800-8,ZXR10 160 series: V4.00.10 and earlier.
CVSS Score
6.0
EPSS Score
0.001
Published
2024-10-10
There is a buffer overflow vulnerability in ZTE MF296R. Due to insufficient validation of the SMS parameter length, an authenticated attacker could use the vulnerability to perform a denial of service attack.
CVSS Score
4.5
EPSS Score
0.002
Published
2024-09-18
There is a permission and access control vulnerability of ZTE's ZXV10 XT802/ET301 product.Attackers with common permissions can log in the terminal web and change the password of the administrator illegally by intercepting requests to change the passwords.
CVSS Score
7.1
EPSS Score
0.001
Published
2024-08-08