CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
70.1%
The server management software module of ZTE has an authentication issue vulnerability, which allows users to skip the authentication of the server and execute some commands for high-level users. This affects: <R5300G4V03.08.0100/V03.07.0300/V03.07.0200/V03.07.0108/V03.07.0100/V03.05.0047/V03.05.0046/V03.05.0045/V03.05.0044/V03.05.0043/V03.05.0040/V03.04.0020;R8500G4V03.07.0103/V03.07.0101/V03.06.0100/V03.05.0400/V03.05.0020;R5500G4V03.08.0100/V03.07.0200/V03.07.0100/V03.06.0100>
Vendor | Product | Version | CPE |
---|---|---|---|
zte | r8500g4 | - | cpe:2.3:h:zte:r8500g4:-:*:*:*:*:*:*:* |
zte | r8500g4_firmware | 03.05.0020 | cpe:2.3:o:zte:r8500g4_firmware:03.05.0020:*:*:*:*:*:*:* |
zte | r8500g4_firmware | 03.05.0400 | cpe:2.3:o:zte:r8500g4_firmware:03.05.0400:*:*:*:*:*:*:* |
zte | r8500g4_firmware | 03.06.0100 | cpe:2.3:o:zte:r8500g4_firmware:03.06.0100:*:*:*:*:*:*:* |
zte | r8500g4_firmware | 03.07.0101 | cpe:2.3:o:zte:r8500g4_firmware:03.07.0101:*:*:*:*:*:*:* |
zte | r8500g4_firmware | 03.07.0103 | cpe:2.3:o:zte:r8500g4_firmware:03.07.0103:*:*:*:*:*:*:* |
zte | r5500g4 | - | cpe:2.3:h:zte:r5500g4:-:*:*:*:*:*:*:* |
zte | r5500g4_firmware | 03.06.0100 | cpe:2.3:o:zte:r5500g4_firmware:03.06.0100:*:*:*:*:*:*:* |
zte | r5500g4_firmware | 03.07.0100 | cpe:2.3:o:zte:r5500g4_firmware:03.07.0100:*:*:*:*:*:*:* |
zte | r5500g4_firmware | 03.07.0200 | cpe:2.3:o:zte:r5500g4_firmware:03.07.0200:*:*:*:*:*:*:* |
[
{
"product": "<R5300G4?R8500G4?R5500G4>",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "<R5300G4V03.08.0100/V03.07.0300/V03.07.0200/V03.07.0108/V03.07.0100/V03.05.0047/V03.05.0046/V03.05.0045/V03.05.0044/V03.05.0043/V03.05.0040/V03.04.0020"
},
{
"status": "affected",
"version": "R8500G4V03.07.0103/V03.07.0101/V03.06.0100/V03.05.0400/V03.05.0020"
},
{
"status": "affected",
"version": "R5500G4V03.08.0100/V03.07.0200/V03.07.0100/V03.06.0100>."
}
]
}
]
More
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
70.1%