PT-2019-16563 · Zte · Zte Mf920

Published

2019-06-11

Updated

2022-04-18

CVE-2019-3411

CVSS v3.1

8.1

High

Vector

AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions ZTE MF920 versions up to BD R218V2.4

Description The issue allows an attacker to obtain sensitive information about the affected components due to certain interfaces being able to obtain the WebUI login password without requiring a login. This is an information leak issue.

Recommendations For versions up to BD R218V2.4, update to a version later than BD R218V2.4 to resolve the issue.

Fix

Missing Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-306

Related Identifiers

CVE-2019-3411

Affected Products

Zte Mf920

PT-2019-16563 · Zte · Zte Mf920

CVE-2019-3411

Weakness Enumeration

Related Identifiers

Affected Products

References · 3