CVE-2026-44409

{"id": "CVE-2026-44409", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "psirt@zte.com.cn", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.7, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 2.1}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2026-05-22T05:16:26.350", "references": [{"url": "https://support.zte.com.cn/zte-iccp-isupport-webui/bulletin/detail/3711746568357343342", "tags": ["Vendor Advisory"], "source": "psirt@zte.com.cn"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "psirt@zte.com.cn", "description": [{"lang": "en", "value": "CWE-200"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-862"}]}], "descriptions": [{"lang": "en", "value": "There is an an information disclosure vulnerability in ZTE MU5250. Due to improper configuration of the access control mechanism, attackers can obtain information without authorization, causing the risk of information disclosure."}], "lastModified": "2026-06-03T01:49:05.573", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zte:mu5250_firmware:1.0.0b27:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AEB27476-B25E-4A59-A6A4-2849EE48B757"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:zte:mu5250:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C007E6FD-A7A7-49E9-8957-45FA167F9784"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "psirt@zte.com.cn"}