Lucene search
ZteCVELIST:CVE-2019-3412HistoryJun 11, 2019 - 7:20 p.m.
CVE-2019-3412
2019-06-1119:20:32
zte
www.cve.org
3
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.9
Confidence
High
EPSS
0.003
Percentile
68.6%
All versions up to BD_R218V2.4 of ZTE MF920 product are impacted by command execution vulnerability. Due to some interfaces do not adequately verify parameters, an attacker can execute arbitrary commands through specific interfaces.
CNA Affected
[
{
"product": "ZTE MF920",
"vendor": "ZTE",
"versions": [
{
"lessThanOrEqual": "All versions up to BD_R218V2.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]Related
cve
cve
CVE-2019-3412
2019-06-11 20:29:01
nvd
nvd
CVE-2019-3412
2019-06-11 20:29:01
prion
prion
Command injection
2019-06-11 20:29:00
pentestpartners
pentestpartners
ZTE MF910 – An end of life router, running lots of vivacious hidden code
2019-08-10 05:19:43
Reverse Engineering 4G Hotspots for fun, bugs and net financial loss
2019-08-10 09:05:45
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.9
Confidence
High
EPSS
0.003
Percentile
68.6%
Related for CVELIST:CVE-2019-3412