Описание
All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by improper authorization vulnerability. Since appviahttp service has no authorization delay, an attacker can be allowed to brute force account credentials.
Уязвимые конфигурации
Конфигурация 1Версия до 1.1.10p3t18 (исключая)
Одновременно
cpe:2.3:o:zte:zxhn_f670_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zte:zxhn_f670:-:*:*:*:*:*:*:*
EPSS
Процентиль: 23%
0.00079
Низкий
4.3 Medium
CVSS3
8.8 High
CVSS3
3.3 Low
CVSS2
Дефекты
CWE-863
Связанные уязвимости
CVSS3: 8.8
github
больше 3 лет назад
All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by improper authorization vulnerability. Since appviahttp service has no authorization delay, an attacker can be allowed to brute force account credentials.
EPSS
Процентиль: 23%
0.00079
Низкий
4.3 Medium
CVSS3
8.8 High
CVSS3
3.3 Low
CVSS2
Дефекты
CWE-863