PT-2024-19182 · Zte · Zte Zxr10 2800-4+3
Published
2024-10-10
·
Updated
2024-10-14
·
CVE-2024-22068
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
ZTE ZXR10 1800-2S series versions V4.00.10 and earlier
ZTE ZXR10 2800-4 versions V4.00.10 and earlier
ZTE ZXR10 3800-8 versions V4.00.10 and earlier
ZTE ZXR10 160 series versions V4.00.10 and earlier
Description
The issue is related to Improper Privilege Management, allowing Functionality Bypass. This affects ZTE ZXR10 series on 64-bit systems. The estimated number of potentially affected devices worldwide is not specified. There is no information about real-world incidents where this issue was exploited.
Recommendations
For ZTE ZXR10 1800-2S series versions V4.00.10 and earlier, update to a version later than V4.00.10.
For ZTE ZXR10 2800-4 versions V4.00.10 and earlier, update to a version later than V4.00.10.
For ZTE ZXR10 3800-8 versions V4.00.10 and earlier, update to a version later than V4.00.10.
For ZTE ZXR10 160 series versions V4.00.10 and earlier, update to a version later than V4.00.10.
As a temporary workaround, consider restricting access to the vulnerable functionality until a patch is available.
Fix
Improper Privilege Management
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Zte Zxr10 160
Zte Zxr10 1800-2S
Zte Zxr10 2800-4
Zte Zxr10 3800-8