Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-23141 | 1 Zte | 2 Zxmp M721, Zxmp M721 Firmware | 2024-11-21 | N/A | 7.5 HIGH |
ZXMP M721 has an information leak vulnerability. Since the serial port authentication on the ZBOOT interface is not effective although it is enabled, an attacker could use this vulnerability to log in to the device to obtain sensitive information. | |||||
CVE-2022-23139 | 1 Zte | 2 Zxmp M721, Zxmp M721 Firmware | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
ZTE's ZXMP M721 product has a permission and access control vulnerability. Since the folder permission viewed by sftp is 666, which is inconsistent with the actual permission. It’s easy for?users to?ignore the modification?of?the file permission configuration, so that low-authority accounts could actually obtain higher operating permissions on key files. |