CVE-2025-26709 MEDIUM

CVE-2025-26709: Unauthorized Access Vulnerability in ZTE F50

Vendor Zte
Product F50
Weakness CWE-200 · Info exposure
Published August 15, 2025
Last update August 15, 2025

CVSS base score

5.7/10
Attack vector Adjacent
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality High
Integrity None

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

What the vulnerability does

01Description

There is an unauthorized access vulnerability in ZTE F50. Due to improper permission control of the Web module interface, an unauthorized attacker can obtain sensitive information through the interface

Key dates

02Disclosure timeline

August 15, 2025 CVE published
August 15, 2025 Record updated