exploitDog

CVE-2022-23141

Опубликовано: 15 июл. 2022

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

ZXMP M721 has an information leak vulnerability. Since the serial port authentication on the ZBOOT interface is not effective although it is enabled, an attacker could use this vulnerability to log in to the device to obtain sensitive information.

Ссылки

https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1025264
Vendor Advisory
https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1025264
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:zte:zxmp_m721_firmware:commond21bootv100004_ls1045:*:*:*:*:*:*:*

cpe:2.3:h:zte:zxmp_m721:-:*:*:*:*:*:*:*

EPSS

Процентиль: 53%

0.003

Низкий

7.5 High

CVSS3

Дефекты

CWE-532

Связанные уязвимости

GHSA-g64r-v5c7-qvh2

CVSS3: 7.5

github

больше 3 лет назад

ZXMP M721 has an information leak vulnerability. Since the serial port authentication on the ZBOOT interface is not effective although it is enabled, an attacker could use this vulnerability to log in to the device to obtain sensitive information.

EPSS

Процентиль: 53%

0.003

Низкий

7.5 High

CVSS3

Дефекты

CWE-532