ZTE ZXHN H168N product with versions V2.2.0_PK1.2T5, V2.2.0_PK1.2T2, V2.2.0_PK11T7 and V2.2.0_PK11T have an improper change control vulnerability, which may allow an unauthorized user to perform unauthorized operations.
References
Link | Resource |
---|---|
http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1009523 | Vendor Advisory |
http://www.securityfocus.com/bid/105963 | Third Party Advisory VDB Entry |
https://www.exploit-db.com/exploits/45972/ | Exploit Third Party Advisory VDB Entry |
http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1009523 | Vendor Advisory |
http://www.securityfocus.com/bid/105963 | Third Party Advisory VDB Entry |
https://www.exploit-db.com/exploits/45972/ | Exploit Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
AND |
|
History
21 Nov 2024, 04:12
Type | Values Removed | Values Added |
---|---|---|
References | () http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1009523 - Vendor Advisory | |
References | () http://www.securityfocus.com/bid/105963 - Third Party Advisory, VDB Entry | |
References | () https://www.exploit-db.com/exploits/45972/ - Exploit, Third Party Advisory, VDB Entry | |
CVSS |
v2 : v3 : |
v2 : 5.8
v3 : 6.5 |
Information
Published : 2018-11-14 15:29
Updated : 2024-11-21 04:12
NVD link : CVE-2018-7358
Mitre link : CVE-2018-7358
CVE.ORG link : CVE-2018-7358
JSON object : View
Products Affected
zte
- zxhn_h168n_firmware
- zxhn_h168n
CWE
CWE-287
Improper Authentication