Zte Mf920 Firmware vulnerabilities
2 known vulnerabilities affecting zte/mf920_firmware.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1
Vulnerabilities
Page 1 of 1
CVE-2019-3412P2CRITICALCVSS 9.8fixed in bd_r218v2.42019-06-11
CVE-2019-3412 [CRITICAL] CWE-78 CVE-2019-3412: All versions up to BD_R218V2.4 of ZTE MF920 product are impacted by command execution vulnerability.
All versions up to BD_R218V2.4 of ZTE MF920 product are impacted by command execution vulnerability. Due to some interfaces do not adequately verify parameters, an attacker can execute arbitrary commands through specific interfaces.
nvd
CVE-2019-3411P3HIGHCVSS 7.5fixed in bd_r218v2.42019-06-11
CVE-2019-3411 [HIGH] CWE-306 CVE-2019-3411: All versions up to BD_R218V2.4 of ZTE MF920 product are impacted by information leak vulnerability.
All versions up to BD_R218V2.4 of ZTE MF920 product are impacted by information leak vulnerability. Due to some interfaces can obtain the WebUI login password without login, an attacker can exploit the vulnerability to obtain sensitive information about the affected components.
nvd