Filtered by vendor Zte
Subscribe
Total
182 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-46576 | 1 Zte | 1 Zxcloud Goldendb | 2025-05-12 | N/A | 5.4 MEDIUM |
| There is a Permission Management and Access Control vulnerability in the GoldenDB database product. Attackers can manipulate requests to bypass privilege restrictions and delete content. | |||||
| CVE-2025-46577 | 1 Zte | 1 Zxcloud Goldendb | 2025-05-12 | N/A | 6.5 MEDIUM |
| There is a SQL injection vulnerability in the GoldenDB database product. Attackers can inject commands to extract database information. | |||||
| CVE-2025-46578 | 1 Zte | 1 Zxcloud Goldendb | 2025-05-12 | N/A | 6.5 MEDIUM |
| There are SQL injection vulnerabilities in multiple interfaces of the GoldenDB database product. Attackers can exploit these interfaces to inject commands and extract sensitive database information. | |||||
| CVE-2025-46579 | 1 Zte | 1 Zxcloud Goldendb | 2025-05-12 | N/A | 8.4 HIGH |
| There is a DDE injection vulnerability in the GoldenDB database product. Attackers can inject DDE expressions through the interface, and when users download and open the affected file, the DDE commands can be executed. | |||||
| CVE-2025-46580 | 1 Zte | 1 Zxcloud Goldendb | 2025-05-12 | N/A | 7.7 HIGH |
| There is a code-related vulnerability in the GoldenDB database product. Attackers can access system tables to disrupt the normal operation of business SQL. | |||||
| CVE-2022-39069 | 1 Zte | 1 Zaip-aie | 2025-05-01 | N/A | 5.3 MEDIUM |
| There is a SQL injection vulnerability in ZTE ZAIP-AIE. Due to lack of input verification by the server, an attacker could trigger an attack by building malicious requests. Exploitation of this vulnerability could cause the leakage of the current table content. | |||||
| CVE-2022-39070 | 1 Zte | 4 Zxa10 C300m, Zxa10 C300m Firmware, Zxa10 C350m and 1 more | 2025-04-29 | N/A | 9.8 CRITICAL |
| There is an access control vulnerability in some ZTE PON OLT products. Due to improper access control settings, remote attackers could use the vulnerability to log in to the device and execute any operation. | |||||
| CVE-2022-39067 | 1 Zte | 2 Mf286r, Mf286r Firmware | 2025-04-29 | N/A | 6.5 MEDIUM |
| There is a buffer overflow vulnerability in ZTE MF286R. Due to lack of input validation on parameters of the wifi interface, an authenticated attacker could use the vulnerability to perform a denial of service attack. | |||||
| CVE-2022-39066 | 1 Zte | 2 Mf286r, Mf286r Firmware | 2025-04-29 | N/A | 8.8 HIGH |
| There is a SQL injection vulnerability in ZTE MF286R. Due to insufficient validation of the input parameters of the phonebook interface, an authenticated attacker could use the vulnerability to execute arbitrary SQL injection. | |||||
| CVE-2022-23143 | 1 Zte | 2 Otcp, Otcp Firmware | 2025-04-23 | N/A | 6.5 MEDIUM |
| ZTE OTCP product is impacted by a permission and access control vulnerability. Due to improper permission settings, an attacker with high permissions could use this vulnerability to maliciously delete and modify files. | |||||
| CVE-2022-45957 | 1 Zte | 2 Zxhn-h108ns, Zxhn-h108ns Firmware | 2025-04-22 | N/A | 7.5 HIGH |
| ZTE ZXHN-H108NS router with firmware version H108NSV1.0.7u_ZRD_GR2_A68 is vulnerable to remote stack buffer overflow. | |||||
| CVE-2022-39073 | 1 Zte | 2 Mf286r, Mf286r Firmware | 2025-04-10 | N/A | 9.8 CRITICAL |
| There is a command injection vulnerability in ZTE MF286R, Due to insufficient validation of the input parameters, an attacker could use the vulnerability to execute arbitrary commands. | |||||
| CVE-2022-39072 | 1 Zte | 4 Mf286r, Mf286r Firmware, Mf289d and 1 more | 2025-04-10 | N/A | 5.4 MEDIUM |
| There is a SQL injection vulnerability in Some ZTE Mobile Internet products. Due to insufficient validation of the input parameters of the SNTP interface, an authenticated attacker could use the vulnerability to execute stored XSS attacks. | |||||
| CVE-2025-26706 | 1 Zte | 1 Goldendb | 2025-03-19 | N/A | 5.4 MEDIUM |
| Improper Privilege Management vulnerability in ZTE GoldenDB allows Privilege Escalation.This issue affects GoldenDB: from 6.1.03 through 6.1.03.07. | |||||
| CVE-2025-26705 | 1 Zte | 1 Goldendb | 2025-03-19 | N/A | 5.3 MEDIUM |
| Improper Privilege Management vulnerability in ZTE GoldenDB allows Privilege Escalation.This issue affects GoldenDB: from 6.1.03 through 6.1.03.05. | |||||
| CVE-2025-26704 | 1 Zte | 1 Goldendb | 2025-03-19 | N/A | 6.4 MEDIUM |
| Improper Privilege Management vulnerability in ZTE GoldenDB allows Privilege Escalation.This issue affects GoldenDB: from 6.1.03 through 6.1.03.05. | |||||
| CVE-2025-26703 | 1 Zte | 1 Goldendb | 2025-03-19 | N/A | 4.3 MEDIUM |
| Improper Privilege Management vulnerability in ZTE GoldenDB allows Privilege Escalation.This issue affects GoldenDB: from 6.1.03 through 6.1.03.04. | |||||
| CVE-2025-26702 | 1 Zte | 1 Goldendb | 2025-03-19 | N/A | 4.9 MEDIUM |
| Improper Input Validation vulnerability in ZTE GoldenDB allows Input Data Manipulation.This issue affects GoldenDB: from 6.1.03 through 6.1.03.04. | |||||
| CVE-2024-22067 | 1 Zte | 2 Nh8091, Nh8091 Firmware | 2025-03-13 | N/A | 6.8 MEDIUM |
| ZTE NH8091 product has an improper permission control vulnerability. Due to improper permission control of the Web module interface, an authenticated attacker may exploit the vulnerability to execute arbitrary commands. | |||||
| CVE-2024-22068 | 1 Zte | 8 Zxr10 160, Zxr10 160 Firmware, Zxr10 1800-2s and 5 more | 2025-02-07 | N/A | 6.0 MEDIUM |
| Improper Privilege Management vulnerability in ZTE ZXR10 1800-2S series ,ZXR10 2800-4,ZXR10 3800-8,ZXR10 160 series on 64 bit allows Functionality Bypass.This issue affects ZXR10 1800-2S series ,ZXR10 2800-4,ZXR10 3800-8,ZXR10 160 series: V4.00.10 and earlier. | |||||