ГлавнаяУязвимости → CVE-2024-22069
7.1высокая

CVE-2024-22069

Описание

There is a permission and access control vulnerability of ZTE's ZXV10 XT802/ET301 product.Attackers with common permissions can log in the terminal web and change the password of the administrator illegally by intercepting requests to change the passwords.

Затрагиваемое ПО
Zte Zxv10 et301 firmwareZte Zxv10 et301Zte Zxv10 xt802 firmwareZte Zxv10 xt802
CVSS
Балл7.1 — высокая
ВекторCVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:L/A:L
Источники
https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1036424