PT-2019-16569 · Zte · Zte Zxhn F670
Alexandr Shvetsov
+1
·
Published
2019-08-15
·
Updated
2023-03-03
·
CVE-2019-3417
CVSS v2.0
9.0
High
| Vector | AV:N/AC:L/Au:S/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
ZTE ZXHN F670 versions prior to V1.1.10P3T18
Description
The issue is related to a command injection vulnerability due to insufficient parameter validation check. This allows an authorized user to exploit the vulnerability and take control of the user router system.
Recommendations
For versions prior to V1.1.10P3T18, update to a version that includes the necessary security patches to fix the command injection vulnerability.
Fix
OS Command Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Zte Zxhn F670