Total
7 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-21749 | 1 Zte | 2 Mf971r, Mf971r Firmware | 2021-10-25 | 7.5 HIGH | 9.8 CRITICAL |
| ZTE MF971R product has two stack-based buffer overflow vulnerabilities. An attacker could exploit the vulnerabilities to execute arbitrary code. | |||||
| CVE-2021-21748 | 1 Zte | 2 Mf971r, Mf971r Firmware | 2021-10-25 | 7.5 HIGH | 9.8 CRITICAL |
| ZTE MF971R product has two stack-based buffer overflow vulnerabilities. An attacker could exploit the vulnerabilities to execute arbitrary code. | |||||
| CVE-2021-21745 | 1 Zte | 2 Mf971r, Mf971r Firmware | 2021-10-25 | 4.3 MEDIUM | 4.3 MEDIUM |
| ZTE MF971R product has a Referer authentication bypass vulnerability. Without CSRF verification, an attackercould use this vulnerability to perform illegal authorization operations by sending a request to the user to click. | |||||
| CVE-2021-21744 | 1 Zte | 2 Mf971r, Mf971r Firmware | 2021-10-25 | 5.0 MEDIUM | 7.5 HIGH |
| ZTE MF971R product has a configuration file control vulnerability. An attacker could use this vulnerability to modify the configuration parameters of the device, causing some security functions of the device to be disabled. | |||||
| CVE-2021-21743 | 1 Zte | 2 Mf971r, Mf971r Firmware | 2021-10-25 | 4.3 MEDIUM | 4.3 MEDIUM |
| ZTE MF971R product has a CRLF injection vulnerability. An attacker could exploit the vulnerability to modify the HTTP response header information through a specially crafted HTTP request. | |||||
| CVE-2021-21747 | 1 Zte | 2 Mf971r, Mf971r Firmware | 2021-10-25 | 4.3 MEDIUM | 6.1 MEDIUM |
| ZTE MF971R product has reflective XSS vulnerability. An attacker could use the vulnerability to obtain cookie information. | |||||
| CVE-2021-21746 | 1 Zte | 2 Mf971r, Mf971r Firmware | 2021-10-25 | 4.3 MEDIUM | 6.1 MEDIUM |
| ZTE MF971R product has reflective XSS vulnerability. An attacker could use the vulnerability to obtain cookie information. | |||||