Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-21738 | 1 Zte | 2 Zxiptv, Zxiptv Firmware | 2021-08-12 | 4.3 MEDIUM | 6.1 MEDIUM |
| ZTE's big video business platform has two reflective cross-site scripting (XSS) vulnerabilities. Due to insufficient input verification, the attacker could implement XSS attacks by tampering with the parameters, to affect the operations of valid users. This affects: <ZXIPTV><ZXIPTV-EAS_PV5.06.04.09> | |||||
| CVE-2020-6874 | 1 Zte | 2 Zxiptv, Zxiptv Firmware | 2021-07-21 | 5.5 MEDIUM | 9.1 CRITICAL |
| A ZTE product is impacted by the cryptographic issues vulnerability. The encryption algorithm is not properly used, so remote attackers could use this vulnerability for account credential enumeration attack or brute-force attack for password guessing. This affects: ZXIPTV, ZXIPTV-WEB-PV5.09.08.04. | |||||