CVE-2022-23141

HIGH

7.5

Description

ZXMP M721 has an information leak vulnerability. Since the serial port authentication on the ZBOOT interface is not effective although it is enabled, an attacker could use this vulnerability to log in to the device to obtain sensitive information.

Details CVE

Score CVSS v3.17.5

SeveriteHIGH

Vecteur CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Vecteur d'attaqueNETWORK

ComplexiteLOW

Privileges requisNONE

Interaction utilisateurNONE

Publie7/15/2022

Derniere modification11/21/2024

Sourcenvd

Observations honeypot0

Produits affectes

zte:zxmp_m721zte:zxmp_m721_firmware

Faiblesses (CWE)

CWE-532

References

https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1025264(psirt@zte.com.cn)

https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1025264(af854a3a-2127-422b-91ae-364da2661108)

Correlations IOC

Aucune correlation enregistree

This product uses data from the NVD API but is not endorsed or certified by the NVD.