exploitDog

CVE-2021-21725

Опубликовано: 05 мар. 2021

Источник: nvd

CVSS3: 5.7

CVSS2: 2.7

EPSS Низкий

Описание

A ZTE product has an information leak vulnerability. An attacker with higher authority can go beyond their authority to access files in other directories by performing specific operations, resulting in information leak. This affects: ZXHN H196Q V9.1.0C2.

Ссылки

http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1014624
Vendor Advisory
http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1014624
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:zte:zxhn_h196q_firmware:9.1.0c2:*:*:*:*:*:*:*

cpe:2.3:h:zte:zxhn_h196q:-:*:*:*:*:*:*:*

EPSS

Процентиль: 23%

0.00076

Низкий

5.7 Medium

CVSS3

2.7 Low

CVSS2

Дефекты

CWE-863

Связанные уязвимости

GHSA-ww8w-98rf-98pg

github

больше 3 лет назад

A ZTE product has an information leak vulnerability. An attacker with higher authority can go beyond their authority to access files in other directories by performing specific operations, resulting in information leak. This affects: ZXHN H196Q V9.1.0C2.

EPSS

Процентиль: 23%

0.00076

Низкий

5.7 Medium

CVSS3

2.7 Low

CVSS2

Дефекты

CWE-863