Vulnerabilities (CVE)

Filtered by vendor Zte Subscribe
Filtered by product Zxiptv
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-21738 1 Zte 2 Zxiptv, Zxiptv Firmware 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
ZTE's big video business platform has two reflective cross-site scripting (XSS) vulnerabilities. Due to insufficient input verification, the attacker could implement XSS attacks by tampering with the parameters, to affect the operations of valid users. This affects: <ZXIPTV><ZXIPTV-EAS_PV5.06.04.09>
CVE-2020-6874 1 Zte 2 Zxiptv, Zxiptv Firmware 2024-11-21 5.5 MEDIUM 9.1 CRITICAL
A ZTE product is impacted by the cryptographic issues vulnerability. The encryption algorithm is not properly used, so remote attackers could use this vulnerability for account credential enumeration attack or brute-force attack for password guessing. This affects: ZXIPTV, ZXIPTV-WEB-PV5.09.08.04.