CVE-2025-2397

Name of the Vulnerable Software and Affected Versions China Mobile P22g-CIac versions up to 20250305 ZXWT-MIG-P4G4V versions up to 20250305 ZXWT-MIG-P8G8V versions up to 20250305 GT3200-4G4P versions up to 20250305 GT3200-8G8P versions up to 20250305

Description A vulnerability was found in the Telnet Service component, leading to improper authorization. The attack can only be initiated within the local network. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Recommendations For China Mobile P22g-CIac versions up to 20250305, restrict access to the Telnet Service component to minimize the risk of exploitation. For ZXWT-MIG-P4G4V versions up to 20250305, consider disabling the Telnet Service until a patch is available. For ZXWT-MIG-P8G8V versions up to 20250305, avoid using the Telnet Service until the issue is resolved. For GT3200-4G4P versions up to 20250305, restrict access to the Telnet Service component to minimize the risk of exploitation. For GT3200-8G8P versions up to 20250305, consider disabling the Telnet Service until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.