zte

199 tracked vulnerabilities.

CVE-2019-3412 CRITICAL
ZTE MF920 Firmware <= BD_R218V2.4 - OS Command Injection via Unverified Interface Parameters
Jun 11, 2019
CVSS 9.8
EPSS 0.03
CVE-2019-3411 HIGH
ZTE MF920 Firmware <= BD_R218V2.4 - Unauthenticated Information Disclosure via WebUI Password Retrieval
Jun 11, 2019
CVSS 7.5
EPSS 0.01
CVE-2019-3410 MEDIUM
ZTE WF820+ LTE Outdoor CPE Firmware < 1.0.0b06 - Cross-Site Request Forgery
Jun 11, 2019
CVSS 4.6
EPSS 0.00
CVE-2019-3409 CRITICAL
ZTE WF820+ LTE Outdoor CPE Firmware < 1.0.0b06 - Unauthenticated OS Command Injection
Jun 11, 2019
CVSS 9.0
EPSS 0.02
CVE-2018-7366 MEDIUM
ZTE ZXV10 B860AV2.1 ChinaMobile Firmware - Authentication Bypass
Dec 28, 2018
CVSS 4.3
EPSS 0.01
CVE-2018-7365 MEDIUM
ZTE uSmartView < 5.01.05 - Untrusted Search Path
Dec 20, 2018
CVSS 5.1
EPSS 0.01
CVE-2018-7364 CRITICAL
ZTE ZXIN10 < resv1.01.44 - Unauthenticated Remote Code Execution via devcomm Process
Dec 07, 2018
CVSS 9.8
EPSS 0.10
CVE-2018-7363 MEDIUM
ZTE ZXHN F670 Firmware < 1.1.10p3t18 - Unauthenticated Credential Brute Force via appviahttp Service
Nov 16, 2018
CVSS 4.3
EPSS 0.01
CVE-2018-7362 HIGH
ZTE ZXHN F670 Firmware < 1.1.10p3t18 - Unauthenticated Improper Access Control
Nov 16, 2018
CVSS 7.5
EPSS 0.01
CVE-2018-7361 MEDIUM
ZTE ZXHN F670 Firmware < 1.1.10p3t18 - Denial of Service via appviahttp Service
Nov 16, 2018
CVSS 6.5
EPSS 0.01
CVE-2018-7360 CRITICAL
ZTE ZXHN F670 Firmware < 1.1.10p3t18 - Unauthenticated Exposure of Sensitive Information via appviahttp Service
Nov 16, 2018
CVSS 9.6
EPSS 0.01
CVE-2018-7359 CRITICAL
ZTE ZXHN F670 Firmware < 1.1.10p3t18 - Remote Code Execution via Heap-Based Buffer Overflow
Nov 16, 2018
CVSS 9.0
EPSS 0.02
CVE-2018-7358 MEDIUM
ZTE ZXHN H168N Firmware V2.2.0_PK1.2T5 V2.2.0_PK1.2T2 V2.2.0_PK11T7 V2.2.0_PK11T - Improper Authentication
Nov 14, 2018
CVSS 6.5
EPSS 0.90
CVE-2018-7357 MEDIUM
ZTE ZXHN H168N Firmware <= V2.2.0_PK1.2T5 - Unauthenticated Critical Function Access
Nov 14, 2018
CVSS 6.5
EPSS 0.88
CVE-2018-7356 MEDIUM
ZTE ZXR10 8905E Firmware < 3.03.10.b23p2 - TCP Connection Spoofing via ISN Reuse
Nov 01, 2018
CVSS 5.6
EPSS 0.01
CVE-2018-7355 MEDIUM
ZTE MF65 and MF65M1 Firmware < 1.0.0b05 - Cross-Site Scripting
Sep 26, 2018
CVSS 6.1
EPSS 0.02
CVE-2017-10937 HIGH
ZTE ZXIPTV-UCM Firmware < 2.01.05.09 - SQL Injection via opertype Parameter
Jul 25, 2018
CVSS 7.5
EPSS 0.01
CVE-2017-10936 HIGH
ZTE ZXCDN-SNS < 4.01.01 - SQL Injection via aoData Parameter
Jul 25, 2018
CVSS 7.5
EPSS 0.01
CVE-2017-10935 HIGH
ZTE ZXR10 1800-2S <3.00.40 - Auth Bypass
Jul 25, 2018
CVSS 7.2
EPSS 0.01
CVE-2017-10934 CRITICAL
ZTE ZXIPTV-EPG Firmware < 5.09.02.02t4 - Unauthenticated Remote Code Execution via Java RMI Deserialization
Jul 25, 2018
CVSS 9.8
EPSS 0.03
CVE-2017-16953 HIGH
ZTE ZXDSL 831CII Firmware - Unauthenticated Configuration Modification via connoppp.cgi
Dec 01, 2017
CVSS 7.5
EPSS 0.11
CVE-2017-10933 HIGH
ZTE ZXDT22 SF01 < V2.06.00.00 - Path Traversal via Full Path Name
Oct 19, 2017
CVSS 7.5
EPSS 0.02
CVE-2017-10932 CRITICAL
ZTE NR8000 Series < 12.17.20 - Unauthenticated Remote Code Execution via Java RMI Deserialization
Sep 28, 2017
CVSS 9.8
EPSS 0.04
CVE-2017-10931 HIGH
ZTE ZXR10 Firmware < 3.00.40 - Unauthenticated Path Traversal and Information Disclosure
Sep 19, 2017
CVSS 7.5
EPSS 0.01
CVE-2017-10930 CRITICAL
ZXR10 1800-2S <3.00.40 - Privilege Escalation
Sep 19, 2017
CVSS 9.8
EPSS 0.01