PT-2019-16574 · Zte · Mf910S
T. Weber
+1
·
Published
2019-11-07
·
Updated
2020-08-28
·
CVE-2019-3422
CVSS v2.0
1.9
Low
| Vector | AV:L/AC:M/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
ZTE MF910S (affected versions not specified)
Description
An information disclosure issue was reported in the MF910S product, where the one-click upgrade tool can obtain the Telnet remote login password. If Telnet is enabled, an attacker can remotely log in to the device using the cracked password, resulting in information leakage.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Mf910S