Описание
ZTE ZXV10 W300 router with firmware W300V1.0.0a_ZRD_LK stores sensitive information under the web root with insufficient access control, which allows remote attackers to read backup files via a direct request for rom-0.
Ссылки
- ExploitThird Party AdvisoryVDB Entry
- ExploitThird Party AdvisoryVDB Entry
- Broken Link
- ExploitThird Party Advisory
- ExploitThird Party AdvisoryVDB Entry
- ExploitThird Party AdvisoryVDB Entry
- Broken Link
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:zte:zxv10_w300_firmware:w300v1.0.0a_zrd_lk:*:*:*:*:*:*:*
cpe:2.3:h:zte:zxv10_w300:-:*:*:*:*:*:*:*
EPSS
Процентиль: 98%
0.59441
Средний
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-200
Связанные уязвимости
github
больше 3 лет назад
ZTE ZXV10 W300 router with firmware W300V1.0.0a_ZRD_LK stores sensitive information under the web root with insufficient access control, which allows remote attackers to read backup files via a direct request for rom-0.
EPSS
Процентиль: 98%
0.59441
Средний
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-200