Описание
ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE and ZXV10 W300 devices W300V1.0.0f_ER1_PE allow remote authenticated users to bypass intended access restrictions, and discover credentials and keys, by reading the configuration file, a different vulnerability than CVE-2015-7248.
Ссылки
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1Версия до zte.bhs.zxhnh108nr1a.h_pe (включая)
Одновременно
cpe:2.3:o:zte:zxhn_h108n_r1a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zte:zxhn_h108n_r1a:*:*:*:*:*:*:*:*
Конфигурация 2Версия до w300v1.0.0f_er1_pe (включая)
Одновременно
cpe:2.3:o:zte:zxv10_w300_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zte:zxv10_w300:*:*:*:*:*:*:*:*
EPSS
Процентиль: 89%
0.04487
Низкий
6.5 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-200
Связанные уязвимости
CVSS3: 6.5
github
больше 3 лет назад
ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE and ZXV10 W300 devices W300V1.0.0f_ER1_PE allow remote authenticated users to bypass intended access restrictions, and discover credentials and keys, by reading the configuration file, a different vulnerability than CVE-2015-7248.
EPSS
Процентиль: 89%
0.04487
Низкий
6.5 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-200