← Voltar para CVEs
CVE-2021-47740
HIGH7.5
Descricao
KZTech JT3500V 4G LTE CPE 2.0.1 contains a session management vulnerability that allows attackers to reuse old session credentials without proper expiration. Attackers can exploit the weak session handling to maintain unauthorized access and potentially compromise device authentication mechanisms.
Detalhes CVE
Pontuacao CVSS v3.17.5
SeveridadeHIGH
Vetor CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Vetor de ataqueNETWORK
ComplexidadeLOW
Privilegios necessariosNONE
Interacao do usuarioNONE
Publicado12/31/2025
Ultima modificacao12/31/2025
Fontenvd
Avistamentos honeypot0
Fraquezas (CWE)
CWE-613
Referencias
http://www.kzbtech.com/(disclosure@vulncheck.com)
https://exchange.xforce.ibmcloud.com/vulnerabilities/198471(disclosure@vulncheck.com)
https://neotel.mk/(disclosure@vulncheck.com)
https://packetstormsecurity.com/files/161892/(disclosure@vulncheck.com)
https://www.jatontech.com/(disclosure@vulncheck.com)
https://www.vulncheck.com/advisories/kztech-jtv-g-lte-cpe-insufficient-session-expiration-vulnerability(disclosure@vulncheck.com)
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5646.php(disclosure@vulncheck.com)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.