Search

Find a vulnerability

Search criteria

    5 vulnerabilities found for ZXCDN by ZTE

    CVE-2025-46581 (GCVE-0-2025-46581)

    Vulnerability from nvd – Published: 2025-10-14 08:54 – Updated: 2025-10-14 15:30
    VLAI
    Title
    ZTE ZXCDN product has a Struts RCE Vulnerability
    Summary
    ZTE's ZXCDN product is affected by a Struts remote code execution (RCE) vulnerability. An unauthenticated attacker can remotely execute commands with non-root privileges.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-94 - Improper Control of Generation of Code ('Code Injection')
    Assigner
    zte
    Impacted products
    Vendor Product Version
    ZTE ZXCDN Affected: ZXCDN-SNS V3.01.02
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-46581",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-10-14T15:30:08.091414Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-14T15:30:20.230Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ZXCDN",
              "vendor": "ZTE",
              "versions": [
                {
                  "status": "affected",
                  "version": "ZXCDN-SNS V3.01.02"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eZTE\u0027s ZXCDN product  is affected by a Struts remote code execution (RCE) vulnerability. An unauthenticated attacker can remotely execute commands with non-root privileges.\u003cbr\u003e\n\n\u003c/p\u003e\u003cbr\u003e"
                }
              ],
              "value": "ZTE\u0027s ZXCDN product  is affected by a Struts remote code execution (RCE) vulnerability. An unauthenticated attacker can remotely execute commands with non-root privileges."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-242",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-242 Code Injection"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-94",
                  "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-14T08:54:42.054Z",
            "orgId": "6786b568-6808-4982-b61f-398b0d9679eb",
            "shortName": "zte"
          },
          "references": [
            {
              "url": "https://support.zte.com.cn/zte-iccp-isupport-webui/bulletin/detail/3747693852734546826"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "ZTE ZXCDN product has a Struts RCE Vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6786b568-6808-4982-b61f-398b0d9679eb",
        "assignerShortName": "zte",
        "cveId": "CVE-2025-46581",
        "datePublished": "2025-10-14T08:54:42.054Z",
        "dateReserved": "2025-04-25T00:28:13.909Z",
        "dateUpdated": "2025-10-14T15:30:20.230Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-21733 (GCVE-0-2021-21733)

    Vulnerability from nvd – Published: 2021-05-19 11:00 – Updated: 2024-08-03 18:23
    VLAI
    Summary
    The management system of ZXCDN is impacted by the information leak vulnerability. Attackers can make further analysis according to the information returned by the program, and then obtain some sensitive information. This affects ZXCDN V7.01 all versions up to IAMV7.01.01.02.
    Severity
    No CVSS data available.
    CWE
    • Information Leak
    Assigner
    zte
    References
    Impacted products
    Vendor Product Version
    n/a <ZXCDN V7.01> Affected: <All versions up to IAMV7.01.01.02>
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T18:23:29.510Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1015304"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "\u003cZXCDN V7.01\u003e",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003cAll versions up to IAMV7.01.01.02\u003e"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The management system of ZXCDN is impacted by the information leak vulnerability. Attackers can make further analysis according to the information returned by the program, and then obtain some sensitive information. This affects ZXCDN V7.01 all versions up to IAMV7.01.01.02."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Information Leak",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-05-19T11:00:58.000Z",
            "orgId": "6786b568-6808-4982-b61f-398b0d9679eb",
            "shortName": "zte"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1015304"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@zte.com.cn",
              "ID": "CVE-2021-21733",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "\u003cZXCDN V7.01\u003e",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "\u003cAll versions up to IAMV7.01.01.02\u003e"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The management system of ZXCDN is impacted by the information leak vulnerability. Attackers can make further analysis according to the information returned by the program, and then obtain some sensitive information. This affects ZXCDN V7.01 all versions up to IAMV7.01.01.02."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Information Leak"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1015304",
                  "refsource": "MISC",
                  "url": "https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1015304"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6786b568-6808-4982-b61f-398b0d9679eb",
        "assignerShortName": "zte",
        "cveId": "CVE-2021-21733",
        "datePublished": "2021-05-19T11:00:58.000Z",
        "dateReserved": "2021-01-04T00:00:00.000Z",
        "dateUpdated": "2024-08-03T18:23:29.510Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-46581 (GCVE-0-2025-46581)

    Vulnerability from cvelistv5 – Published: 2025-10-14 08:54 – Updated: 2025-10-14 15:30
    VLAI
    Title
    ZTE ZXCDN product has a Struts RCE Vulnerability
    Summary
    ZTE's ZXCDN product is affected by a Struts remote code execution (RCE) vulnerability. An unauthenticated attacker can remotely execute commands with non-root privileges.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-94 - Improper Control of Generation of Code ('Code Injection')
    Assigner
    zte
    Impacted products
    Vendor Product Version
    ZTE ZXCDN Affected: ZXCDN-SNS V3.01.02
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-46581",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-10-14T15:30:08.091414Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-14T15:30:20.230Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ZXCDN",
              "vendor": "ZTE",
              "versions": [
                {
                  "status": "affected",
                  "version": "ZXCDN-SNS V3.01.02"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eZTE\u0027s ZXCDN product  is affected by a Struts remote code execution (RCE) vulnerability. An unauthenticated attacker can remotely execute commands with non-root privileges.\u003cbr\u003e\n\n\u003c/p\u003e\u003cbr\u003e"
                }
              ],
              "value": "ZTE\u0027s ZXCDN product  is affected by a Struts remote code execution (RCE) vulnerability. An unauthenticated attacker can remotely execute commands with non-root privileges."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-242",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-242 Code Injection"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-94",
                  "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-14T08:54:42.054Z",
            "orgId": "6786b568-6808-4982-b61f-398b0d9679eb",
            "shortName": "zte"
          },
          "references": [
            {
              "url": "https://support.zte.com.cn/zte-iccp-isupport-webui/bulletin/detail/3747693852734546826"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "ZTE ZXCDN product has a Struts RCE Vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6786b568-6808-4982-b61f-398b0d9679eb",
        "assignerShortName": "zte",
        "cveId": "CVE-2025-46581",
        "datePublished": "2025-10-14T08:54:42.054Z",
        "dateReserved": "2025-04-25T00:28:13.909Z",
        "dateUpdated": "2025-10-14T15:30:20.230Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-21733 (GCVE-0-2021-21733)

    Vulnerability from cvelistv5 – Published: 2021-05-19 11:00 – Updated: 2024-08-03 18:23
    VLAI
    Summary
    The management system of ZXCDN is impacted by the information leak vulnerability. Attackers can make further analysis according to the information returned by the program, and then obtain some sensitive information. This affects ZXCDN V7.01 all versions up to IAMV7.01.01.02.
    Severity
    No CVSS data available.
    CWE
    • Information Leak
    Assigner
    zte
    References
    Impacted products
    Vendor Product Version
    n/a <ZXCDN V7.01> Affected: <All versions up to IAMV7.01.01.02>
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T18:23:29.510Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1015304"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "\u003cZXCDN V7.01\u003e",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003cAll versions up to IAMV7.01.01.02\u003e"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The management system of ZXCDN is impacted by the information leak vulnerability. Attackers can make further analysis according to the information returned by the program, and then obtain some sensitive information. This affects ZXCDN V7.01 all versions up to IAMV7.01.01.02."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Information Leak",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-05-19T11:00:58.000Z",
            "orgId": "6786b568-6808-4982-b61f-398b0d9679eb",
            "shortName": "zte"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1015304"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@zte.com.cn",
              "ID": "CVE-2021-21733",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "\u003cZXCDN V7.01\u003e",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "\u003cAll versions up to IAMV7.01.01.02\u003e"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The management system of ZXCDN is impacted by the information leak vulnerability. Attackers can make further analysis according to the information returned by the program, and then obtain some sensitive information. This affects ZXCDN V7.01 all versions up to IAMV7.01.01.02."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Information Leak"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1015304",
                  "refsource": "MISC",
                  "url": "https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1015304"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6786b568-6808-4982-b61f-398b0d9679eb",
        "assignerShortName": "zte",
        "cveId": "CVE-2021-21733",
        "datePublished": "2021-05-19T11:00:58.000Z",
        "dateReserved": "2021-01-04T00:00:00.000Z",
        "dateUpdated": "2024-08-03T18:23:29.510Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    VAR-202105-0590

    Vulnerability from variot - Updated: 2024-08-14 14:44

    The management system of ZXCDN is impacted by the information leak vulnerability. Attackers can make further analysis according to the information returned by the program, and then obtain some sensitive information. This affects ZXCDN V7.01 all versions up to IAMV7.01.01.02. ZXCDN Contains an information disclosure vulnerability.Information may be obtained. ZTE ZXCDN IAMWEB is an identity authentication product of China ZTE Corporation (ZTE)

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202105-0590",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "zxcdn",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "zte",
            "version": "iamv7.01.02.02"
          },
          {
            "model": "zxcdn",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "zte",
            "version": "7.01"
          },
          {
            "model": "zxcdn",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "zte",
            "version": "v7.01  from  iamv7.01.01.02  until"
          },
          {
            "model": "zxcdn",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "zte",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-007252"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-21733"
          }
        ]
      },
      "cve": "CVE-2021-21733",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.0,
                "id": "CVE-2021-21733",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 4.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.0,
                "id": "VHN-380137",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:S/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.2,
                "id": "CVE-2021-21733",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 4.9,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2021-21733",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2021-21733",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2021-21733",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202105-1273",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-380137",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-380137"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-007252"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202105-1273"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-21733"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The management system of ZXCDN is impacted by the information leak vulnerability. Attackers can make further analysis according to the information returned by the program, and then obtain some sensitive information. This affects ZXCDN V7.01 all versions up to IAMV7.01.01.02. ZXCDN Contains an information disclosure vulnerability.Information may be obtained. ZTE ZXCDN IAMWEB is an identity authentication product of China ZTE Corporation (ZTE)",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2021-21733"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-007252"
          },
          {
            "db": "VULHUB",
            "id": "VHN-380137"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-21733"
          }
        ],
        "trust": 1.8
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2021-21733",
            "trust": 3.4
          },
          {
            "db": "ZTE",
            "id": "1015304",
            "trust": 1.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-007252",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202105-1273",
            "trust": 0.7
          },
          {
            "db": "VULHUB",
            "id": "VHN-380137",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-21733",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-380137"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-21733"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-007252"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202105-1273"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-21733"
          }
        ]
      },
      "id": "VAR-202105-0590",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-380137"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-08-14T14:44:25.608000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Information\u00a0Leak\u00a0Vulnerability\u00a0in\u00a0A\u00a0ZTE\u00a0Product",
            "trust": 0.8,
            "url": "https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1015304"
          },
          {
            "title": "ZXCDN Repair measures for information disclosure vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=152365"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-007252"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202105-1273"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-200",
            "trust": 1.1
          },
          {
            "problemtype": "information leak (CWE-200) [NVD Evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-380137"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-007252"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-21733"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.8,
            "url": "https://support.zte.com.cn/support/news/loopholeinfodetail.aspx?newsid=1015304"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-21733"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-380137"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-21733"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-007252"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202105-1273"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-21733"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-380137"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-21733"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-007252"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202105-1273"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-21733"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-05-19T00:00:00",
            "db": "VULHUB",
            "id": "VHN-380137"
          },
          {
            "date": "2021-05-19T00:00:00",
            "db": "VULMON",
            "id": "CVE-2021-21733"
          },
          {
            "date": "2022-02-07T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-007252"
          },
          {
            "date": "2021-05-19T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202105-1273"
          },
          {
            "date": "2021-05-19T12:15:07.867000",
            "db": "NVD",
            "id": "CVE-2021-21733"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-05-28T00:00:00",
            "db": "VULHUB",
            "id": "VHN-380137"
          },
          {
            "date": "2021-05-19T00:00:00",
            "db": "VULMON",
            "id": "CVE-2021-21733"
          },
          {
            "date": "2022-02-07T02:28:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-007252"
          },
          {
            "date": "2021-05-31T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202105-1273"
          },
          {
            "date": "2021-05-28T21:04:15.457000",
            "db": "NVD",
            "id": "CVE-2021-21733"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202105-1273"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "ZXCDN\u00a0 Information Disclosure Vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-007252"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "information disclosure",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202105-1273"
          }
        ],
        "trust": 0.6
      }
    }