CVE-2017-10935

2017-11-2200:00:00

zte

www.cve.org

7 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

59.9%

JSON

All versions prior to ZSRV2 V3.00.40 of the ZTE ZXR10 1800-2S products allow remote authenticated users to bypass the original password authentication protection to change other user’s password.

CNA Affected

[
  {
    "product": "ZXR10 1800-2S",
    "vendor": "ZTE",
    "versions": [
      {
        "status": "affected",
        "version": "All versions prior to ZSRV2 V3.00.40"
      }
    ]
  }
]

References

support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1008723