CVE-2026-49000 HIGH

CVE-2026-49000: Cryptography Implementation Flaw vulnerability in ZTE ZXUniPOS NDS-LTE product

Vendor Zte
Product ZXUniPOS NDS-LTE
Weakness CWE-310
Published May 27, 2026
Last update May 28, 2026

CVSS base score

7.0/10
Attack vector Network
Attack complexity High
Privileges required None
User interaction None
Confidentiality High
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L

What the vulnerability does

01Description

An insecure password scheme refers to vulnerabilities arising from improper selection of encryption algorithms, inadequate key management, or flawed code implementation, which may lead to data leakage or tampering, such as hard-coded keys or the use of weak encryption algorithms.

Key dates

02Disclosure timeline

May 27, 2026 CVE published
May 28, 2026 Record updated