PT-2018-18042 · Zte · Zte Mf65+1
Nathu Nandwani
·
Publicado
2018-09-26
·
Atualizado
2019-01-10
·
CVE-2018-7355
CVSS v3.1
6.1
Média
| Vetor | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
ZTE MF65 versions prior to V1.0.0B05
ZTE MF65M1 versions prior to V1.0.0B02
Description
The issue is related to cross-site scripting due to improper neutralization of input during web page generation. This could allow an attacker to conduct reflected XSS or HTML injection attacks on the devices.
Recommendations
For ZTE MF65 versions prior to V1.0.0B05, update to version V1.0.0B05 or later to resolve the issue.
For ZTE MF65M1 versions prior to V1.0.0B02, update to version V1.0.0B02 or later to resolve the issue.
Exploit
Correção
XSS
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Zte Mf65
Zte Mf65M1