Zte: >> Zxv10 W300 Firmware >> w300v1.0.0a_zrd_lk Security Vulnerabilities
ZTE ZXV10 W300 router with firmware W300V1.0.0a_ZRD_LK stores sensitive information under the web root with insufficient access control, which allows remote attackers to read backup files via a direct request for rom-0.
CVSS Score
7.5
EPSS Score
0.594
Published
2020-02-20
ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE and ZXV10 W300 devices W300V1.0.0f_ER1_PE allow remote authenticated users to bypass intended access restrictions, and discover credentials and keys, by reading the configuration file, a different vulnerability than CVE-2015-7248.
CVSS Score
6.5
EPSS Score
0.038
Published
2015-12-30