Vulnerabilities (CVE)

Filtered by vendor Zte Subscribe
Filtered by product Mf971r
Total 7 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-21749 1 Zte 2 Mf971r, Mf971r Firmware 2024-11-21 7.5 HIGH 9.8 CRITICAL
ZTE MF971R product has two stack-based buffer overflow vulnerabilities. An attacker could exploit the vulnerabilities to execute arbitrary code.
CVE-2021-21748 1 Zte 2 Mf971r, Mf971r Firmware 2024-11-21 7.5 HIGH 9.8 CRITICAL
ZTE MF971R product has two stack-based buffer overflow vulnerabilities. An attacker could exploit the vulnerabilities to execute arbitrary code.
CVE-2021-21747 1 Zte 2 Mf971r, Mf971r Firmware 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
ZTE MF971R product has reflective XSS vulnerability. An attacker could use the vulnerability to obtain cookie information.
CVE-2021-21746 1 Zte 2 Mf971r, Mf971r Firmware 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
ZTE MF971R product has reflective XSS vulnerability. An attacker could use the vulnerability to obtain cookie information.
CVE-2021-21745 1 Zte 2 Mf971r, Mf971r Firmware 2024-11-21 4.3 MEDIUM 4.3 MEDIUM
ZTE MF971R product has a Referer authentication bypass vulnerability. Without CSRF verification, an attackercould use this vulnerability to perform illegal authorization operations by sending a request to the user to click.
CVE-2021-21744 1 Zte 2 Mf971r, Mf971r Firmware 2024-11-21 5.0 MEDIUM 7.5 HIGH
ZTE MF971R product has a configuration file control vulnerability. An attacker could use this vulnerability to modify the configuration parameters of the device, causing some security functions of the device to be disabled.
CVE-2021-21743 1 Zte 2 Mf971r, Mf971r Firmware 2024-11-21 4.3 MEDIUM 4.3 MEDIUM
ZTE MF971R product has a CRLF injection vulnerability. An attacker could exploit the vulnerability to modify the HTTP response header information through a specially crafted HTTP request.