Description
ZTE MF971R product has a configuration file control vulnerability. An attacker could use this vulnerability to modify the configuration parameters of the device, causing some security functions of the device to be disabled.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1019764
Scores
CVSS v3
7.5
EPSS
0.0024
EPSS Percentile
47.4%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Details
Status
published
Products (5)
zte/mf971r_firmware
v1.0.0b05
zte/mf971r_firmware
1v1.0.0b06
zte/mf971r_firmware
2v1.0.0b03
zte/mf971r_firmware
s2v1.0.0b03
zte/mf971r_firmware
sv1.0.0b05
Published
Oct 20, 2021
Tracked Since
Feb 18, 2026