CVE-2026-44409 MEDIUM

CVE-2026-44409: Information disclosure vulnerability in ZTE MU5250

Vendor Zte
Product MU5250
Weakness CWE-200 · Info exposure
Published May 22, 2026
Last update May 22, 2026

CVSS base score

5.7/10
Attack vector Adjacent
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality High
Integrity None

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

What the vulnerability does

01Description

There is an an information disclosure vulnerability in ZTE MU5250. Due to improper configuration of the access control mechanism, attackers can obtain information without authorization, causing the risk of information disclosure.

Key dates

02Disclosure timeline

May 22, 2026 CVE published
May 22, 2026 Record updated