← Volver a CVEs
CVE-2021-47740
HIGH7.5
Descripcion
KZTech JT3500V 4G LTE CPE 2.0.1 contains a session management vulnerability that allows attackers to reuse old session credentials without proper expiration. Attackers can exploit the weak session handling to maintain unauthorized access and potentially compromise device authentication mechanisms.
Detalles CVE
Puntuacion CVSS v3.17.5
SeveridadHIGH
Vector CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Vector de ataqueNETWORK
ComplejidadLOW
Privilegios requeridosNONE
Interaccion usuarioNONE
Publicado12/31/2025
Ultima modificacion12/31/2025
Fuentenvd
Avistamientos honeypot0
Debilidades (CWE)
CWE-613
Referencias
http://www.kzbtech.com/(disclosure@vulncheck.com)
https://exchange.xforce.ibmcloud.com/vulnerabilities/198471(disclosure@vulncheck.com)
https://neotel.mk/(disclosure@vulncheck.com)
https://packetstormsecurity.com/files/161892/(disclosure@vulncheck.com)
https://www.jatontech.com/(disclosure@vulncheck.com)
https://www.vulncheck.com/advisories/kztech-jtv-g-lte-cpe-insufficient-session-expiration-vulnerability(disclosure@vulncheck.com)
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5646.php(disclosure@vulncheck.com)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.