Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-10930 | 1 Zte | 2 Zxr10 1800-2s, Zxr10 1800-2s Firmware | 2019-10-02 | 5.0 MEDIUM | 9.8 CRITICAL |
| The ZXR10 1800-2S before v3.00.40 incorrectly restricts access to a resource from an unauthorized actor, resulting in ordinary users being able to download configuration files to steal information like administrator accounts and passwords. | |||||
| CVE-2017-10935 | 1 Zte | 2 Zxr10 1800-2s, Zxr10 1800-2s Firmware | 2019-10-02 | 4.0 MEDIUM | 7.2 HIGH |
| All versions prior to ZSRV2 V3.00.40 of the ZTE ZXR10 1800-2S products allow remote authenticated users to bypass the original password authentication protection to change other user's password. | |||||
| CVE-2017-10931 | 1 Zte | 2 Zxr10 1800-2s, Zxr10 1800-2s Firmware | 2017-09-27 | 5.0 MEDIUM | 7.5 HIGH |
| The ZXR10 1800-2S before v3.00.40 incorrectly restricts the download of the file directory range for WEB users, resulting in the ability to download any files and cause information leaks such as system configuration. | |||||