Lucene search

[email protected]NVD:CVE-2022-39067

HistoryNov 22, 2022 - 5:15 p.m.

CVE-2022-39067

2022-11-2217:15:10

CWE-120

[email protected]

web.nvd.nist.gov

buffer overflow

zte mf286r

wifi interface

denial of service

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

32.4%

JSON

There is a buffer overflow vulnerability in ZTE MF286R. Due to lack of input validation on parameters of the wifi interface, an authenticated attacker could use the vulnerability to perform a denial of service attack.

Affected configurations

NVD

Node

ztemf286r_firmwareRange<mf286r_b07

AND

ztemf286rMatch-

References

support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1027784

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

32.4%

JSON

Related for NVD:CVE-2022-39067

cvelist1 cve1 prion1 cnvd1