Vulnerabilities (CVE)

Filtered by vendor Zte Subscribe
Filtered by product Zxr10 1800-2s
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-22066 1 Zte 8 Zxr10 160, Zxr10 160 Firmware, Zxr10 1800-2s and 5 more 2024-11-08 N/A 6.5 MEDIUM
There is a privilege escalation vulnerability in ZTE ZXR10 ZSR V2 intelligent multi service router . An authenticated attacker could use the vulnerability to obtain sensitive information about the device.
CVE-2017-10935 1 Zte 2 Zxr10 1800-2s, Zxr10 1800-2s Firmware 2024-02-28 4.0 MEDIUM 7.2 HIGH
All versions prior to ZSRV2 V3.00.40 of the ZTE ZXR10 1800-2S products allow remote authenticated users to bypass the original password authentication protection to change other user's password.
CVE-2017-10930 1 Zte 2 Zxr10 1800-2s, Zxr10 1800-2s Firmware 2024-02-28 5.0 MEDIUM 9.8 CRITICAL
The ZXR10 1800-2S before v3.00.40 incorrectly restricts access to a resource from an unauthorized actor, resulting in ordinary users being able to download configuration files to steal information like administrator accounts and passwords.
CVE-2017-10931 1 Zte 2 Zxr10 1800-2s, Zxr10 1800-2s Firmware 2024-02-28 5.0 MEDIUM 7.5 HIGH
The ZXR10 1800-2S before v3.00.40 incorrectly restricts the download of the file directory range for WEB users, resulting in the ability to download any files and cause information leaks such as system configuration.