Details of VAR-202108-2522

ID

VAR-202108-2522

TITLE

ZTE smart router has weak password vulnerability

Trust: 0.6

sources: CNVD: CNVD-2021-51318

DESCRIPTION

ZTE is the world's leading provider of integrated communications and information solutions, providing innovative technology and product solutions for global telecom operators, government and enterprise customers, and consumers. ZTE Smart Router has a weak password vulnerability, which can be exploited by attackers to obtain sensitive information.

Trust: 0.6

sources: CNVD: CNVD-2021-51318

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2021-51318

AFFECTED PRODUCTS

vendor:

zte

model:

smart router hardware version number: v1.0.0/software version number: v1.0.5/boot version number:

scope:

version:

v1.0.0

Trust: 0.6

sources: CNVD: CNVD-2021-51318

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2021-51318
value:	MEDIUM
Trust: 0.6

CNVD:	CNVD-2021-51318
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2021-51318

EXTERNAL IDS

db:

CNVD

id:

CNVD-2021-51318

Trust: 0.6

sources: CNVD: CNVD-2021-51318

SOURCES

db:

CNVD

id:

CNVD-2021-51318

LAST UPDATE DATE

2022-05-04T09:45:54.826000+00:00

SOURCES UPDATE DATE

db:

CNVD

id:

CNVD-2021-51318

date:

2021-07-19T00:00:00

SOURCES RELEASE DATE

db:

CNVD

id:

CNVD-2021-51318

date:

2021-08-22T00:00:00