PT-2018-18053 · Zte · Zte Zxv10 B860Av2.1
Publicado
2018-12-28
·
Atualizado
2019-10-09
·
CVE-2018-7366
CVSS v3.1
6.8
Média
| Vetor | AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
ZTE ZXV10 B860AV2.1 product ChinaMobile branch with the ICNT versions up to V1.3.3
ZTE ZXV10 B860AV2.1 product ChinaMobile branch with the BESTV versions up to V1.2.2
ZTE ZXV10 B860AV2.1 product ChinaMobile branch with the WASU versions up to V1.1.7
ZTE ZXV10 B860AV2.1 product ChinaMobile branch with the MGTV versions up to V1.4.6
Description
The issue is related to an authentication bypass, which may allow an unauthorized user to perform unauthorized operations.
Recommendations
For ZTE ZXV10 B860AV2.1 product ChinaMobile branch with the ICNT versions up to V1.3.3, update to a version later than V1.3.3.
For ZTE ZXV10 B860AV2.1 product ChinaMobile branch with the BESTV versions up to V1.2.2, update to a version later than V1.2.2.
For ZTE ZXV10 B860AV2.1 product ChinaMobile branch with the WASU versions up to V1.1.7, update to a version later than V1.1.7.
For ZTE ZXV10 B860AV2.1 product ChinaMobile branch with the MGTV versions up to V1.4.6, update to a version later than V1.4.6.
Correção
Incorrect Authorization
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Zte Zxv10 B860Av2.1