PT-2017-7170 · Zte · Zxv10 W300
Karn Ganeshen
·
Published
2017-08-24
·
Updated
2017-08-30
·
CVE-2015-7258
CVSS v2.0
9.0
High
| Vector | AV:N/AC:L/Au:S/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
ZTE ADSL ZXV10 W300 modems versions W300V2.1.0f ER7 PE O57 through W300V2.1.0h ER7 PE O57
Description
The issue allows remote authenticated users to obtain user passwords by displaying user information in a Telnet connection.
Recommendations
For versions W300V2.1.0f ER7 PE O57 through W300V2.1.0h ER7 PE O57, consider restricting Telnet access to minimize the risk of exploitation.
Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Zxv10 W300