CVE-2021-21726

Some ZTE products have an input verification vulnerability in the diagnostic function interface. Due to insufficient verification of some parameters input by users, an attacker with high privileges can cause process exception by repeatedly inputting illegal parameters. This affects:<ZXONE 9700 , ZXONE 8700, ZXONE 19700><V1.40.021.021CP049, V1.0P02B219_@NCPM-RELEASE_2.40R1-20200914.set>
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:zte:zxone_9700_firmware:1.40.021.021cp049:*:*:*:*:*:*:*
cpe:2.3:h:zte:zxone_9700:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:zte:zxone_8700_firmware:1.40.021.021cp049:*:*:*:*:*:*:*
cpe:2.3:h:zte:zxone_8700:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:zte:zxone_19700_firmware:1.0p02b219_\@ncpm-release_2.40r1-20200914.set:*:*:*:*:*:*:*
cpe:2.3:h:zte:zxone_19700:-:*:*:*:*:*:*:*

History

21 Nov 2024, 05:48

Type Values Removed Values Added
References () http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1014664 - Vendor Advisory () http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1014664 - Vendor Advisory

Information

Published : 2021-03-12 19:15

Updated : 2024-11-21 05:48


NVD link : CVE-2021-21726

Mitre link : CVE-2021-21726

CVE.ORG link : CVE-2021-21726


JSON object : View

Products Affected

zte

  • zxone_19700_firmware
  • zxone_19700
  • zxone_9700
  • zxone_9700_firmware
  • zxone_8700_firmware
  • zxone_8700
CWE
CWE-20

Improper Input Validation