PT-2015-7819 · Zte · Zte Zxv10 W300+1

Published

2015-12-30

Updated

2016-11-28

CVE-2015-8703

CVSS v2.0

4.0

Medium

Vector

AV:N/AC:L/Au:S/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions ZTE ZXHN H108N R1A versions before ZTE.bhs.ZXHNH108NR1A.k PE ZTE ZXV10 W300 versions before W300V1.0.0f ER1 PE

Description The issue allows remote authenticated users to bypass intended access restrictions and discover credentials and keys by reading the configuration file.

Recommendations For ZTE ZXHN H108N R1A versions before ZTE.bhs.ZXHNH108NR1A.k PE, update to ZTE.bhs.ZXHNH108NR1A.k PE or later. For ZTE ZXV10 W300 versions before W300V1.0.0f ER1 PE, update to W300V1.0.0f ER1 PE or later.

Exploit

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2015-8703

Affected Products

Zte Zxhn H108N R1A

Zte Zxv10 W300

PT-2015-7819 · Zte · Zte Zxv10 W300+1

CVE-2015-8703

Weakness Enumeration

Related Identifiers

Affected Products

References · 5