CVE-2021-21739
MEDIUMZTE ZXCTN 6120H Firmware V5.10.00B24 - Insufficient Verification of Data Authenticity
Title source: llmDescription
A ZTE's product of the transport network access layer has a security vulnerability. Because the system does not sufficiently verify the data reliability, attackers could replace an authenticated optical module on the equipment with an unauthenticated one, bypassing system authentication and detection, thus affecting signal transmission. This affects: <ZXCTN 6120H><V5.10.00B24>
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1017024
Scores
CVSS v3
4.6
EPSS
0.0002
EPSS Percentile
6.6%
Attack Vector
PHYSICAL
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Details
CWE
CWE-345
Status
published
Products (1)
zte/zxctn_6120h_firmware
5.10.00b24
Published
Aug 05, 2021
Tracked Since
Feb 18, 2026