CVE-2024-22068 MEDIUM

CVE-2024-22068: Weak Password Vulnerability in ZTE ZSR V2 Intelligent Multi Service Router

Vendor Zte
Product ZXR10 1800-2S series ,ZXR10 2800-4,ZXR10 3800-8,ZXR10 160 series
Weakness CWE-269
Published October 10, 2024
Last update October 10, 2024

CVSS base score

6.0/10
Attack vector Network
Attack complexity High
Privileges required High
User interaction Required
Confidentiality High
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:L/A:H

What the vulnerability does

01Description

Improper Privilege Management vulnerability in ZTE ZXR10 1800-2S series ,ZXR10 2800-4,ZXR10 3800-8,ZXR10 160 series on 64 bit allows Functionality Bypass.This issue affects ZXR10 1800-2S series ,ZXR10 2800-4,ZXR10 3800-8,ZXR10 160 series: V4.00.10 and earlier.

Key dates

02Disclosure timeline

October 10, 2024 CVE published
October 10, 2024 Record updated