CVE-2023-22920

CRITICAL

Zyxel LTE3316-M604 V2.00(ABMP.6)C0 - Unauthenticated Remote Access via Telnet Misconfiguration

Title source: llm
STIX 2.1

Description

A security misconfiguration vulnerability exists in the Zyxel LTE3316-M604 firmware version V2.00(ABMP.6)C0 due to a factory default misconfiguration intended for testing purposes. A remote attacker could leverage this vulnerability to access an affected device using Telnet.

References (1)

Core 1

Scores

CVSS v3 9.8
EPSS 0.0083
EPSS Percentile 74.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact total

Details

CWE
CWE-284
Status published
Products (2)
zyxel/lte3202-m437_firmware 1.00\(abwf.1\)c0
zyxel/lte3316-m604_firmware 2.00\(abmp.6\)c0
Published Feb 21, 2023
Tracked Since Feb 18, 2026