CVE-2018-7360
CRITICALZTE ZXHN F670 Firmware < 1.1.10p3t18 - Unauthenticated Exposure of Sensitive Information via appviahttp Service
Title source: llmDescription
All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by information exposure vulnerability, which may allow an unauthenticated attacker to get the GPON SN information via appviahttp service.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1009383
Scores
CVSS v3
9.6
EPSS
0.0010
EPSS Percentile
27.3%
Attack Vector
ADJACENT_NETWORK
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Details
CWE
CWE-200
Status
published
Products (1)
zte/zxhn_f670_firmware
< 1.1.10p3t18
Published
Nov 16, 2018
Tracked Since
Feb 18, 2026