CVE-2018-7356

MEDIUM

ZTE ZXR10 8905E - DoS

Title source: llm

Description

All versions up to V3.03.10.B23P2 of ZTE ZXR10 8905E product are impacted by TCP Initial Sequence Number (ISN) reuse vulnerability, which can generate easily predictable ISN, and allows remote attackers to spoof connections.

References (1)

[Vendor Advisory] http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1009783

Scores

CVSS v3 5.6

EPSS 0.0019

EPSS Percentile 40.5%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

Classification

CWE

CWE-294

Status published

Affected Products (1)

zte/zxr10_8905e_firmware < 3.03.10.b23p2

Timeline

Published Nov 01, 2018

Tracked Since Feb 18, 2026