Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for c520v21_firmware by ztehome

    CVE-2019-3424 (GCVE-0-2019-3424)

    Vulnerability from nvd – Published: 2019-11-18 18:20 – Updated: 2024-08-04 19:12
    VLAI
    Summary
    authentication issues vulnerability, which exists in V2.1.14 and below versions of C520V21 smart camera devices. An attacker can automatically obtain access to web services from the authorized browser of the same computer and perform operations.
    Severity
    No CVSS data available.
    CWE
    • Authentication Issues
    Assigner
    zte
    References
    Impacted products
    Vendor Product Version
    ZTE Corporation C520V21 Affected: All versions up to V2.1.14
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T19:12:09.281Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1011842"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "C520V21",
              "vendor": "ZTE Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions up to V2.1.14"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "authentication issues vulnerability, which exists in V2.1.14 and below versions of C520V21 smart camera devices. An attacker can automatically obtain access to web services from the authorized browser of the same computer and perform operations."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Authentication Issues",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-11-18T18:20:23.000Z",
            "orgId": "6786b568-6808-4982-b61f-398b0d9679eb",
            "shortName": "zte"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1011842"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@zte.com.cn",
              "ID": "CVE-2019-3424",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "C520V21",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions up to V2.1.14"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "ZTE Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "authentication issues vulnerability, which exists in V2.1.14 and below versions of C520V21 smart camera devices. An attacker can automatically obtain access to web services from the authorized browser of the same computer and perform operations."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Authentication Issues"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1011842",
                  "refsource": "CONFIRM",
                  "url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1011842"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6786b568-6808-4982-b61f-398b0d9679eb",
        "assignerShortName": "zte",
        "cveId": "CVE-2019-3424",
        "datePublished": "2019-11-18T18:20:23.000Z",
        "dateReserved": "2018-12-31T00:00:00.000Z",
        "dateUpdated": "2024-08-04T19:12:09.281Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-3423 (GCVE-0-2019-3423)

    Vulnerability from nvd – Published: 2019-11-18 18:19 – Updated: 2024-08-04 19:12
    VLAI
    Summary
    permission and access control vulnerability, which exists in V2.1.14 and below versions of C520V21 smart camera devices. An attacker can construct a URL for directory traversal and access to other unauthorized files or resources.
    Severity
    No CVSS data available.
    CWE
    • Permission and Access Control
    Assigner
    zte
    References
    Impacted products
    Vendor Product Version
    ZTE Corporation C520V21 Affected: All versions up to V2.1.14
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T19:12:09.415Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1011842"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "C520V21",
              "vendor": "ZTE Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions up to V2.1.14"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "permission and access control vulnerability, which exists in V2.1.14 and below versions of C520V21 smart camera devices. An attacker can construct a URL for directory traversal and access to other unauthorized files or resources."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Permission and Access Control",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-11-18T18:19:44.000Z",
            "orgId": "6786b568-6808-4982-b61f-398b0d9679eb",
            "shortName": "zte"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1011842"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@zte.com.cn",
              "ID": "CVE-2019-3423",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "C520V21",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions up to V2.1.14"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "ZTE Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "permission and access control vulnerability, which exists in V2.1.14 and below versions of C520V21 smart camera devices. An attacker can construct a URL for directory traversal and access to other unauthorized files or resources."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Permission and Access Control"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1011842",
                  "refsource": "CONFIRM",
                  "url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1011842"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6786b568-6808-4982-b61f-398b0d9679eb",
        "assignerShortName": "zte",
        "cveId": "CVE-2019-3423",
        "datePublished": "2019-11-18T18:19:44.000Z",
        "dateReserved": "2018-12-31T00:00:00.000Z",
        "dateUpdated": "2024-08-04T19:12:09.415Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-3424 (GCVE-0-2019-3424)

    Vulnerability from cvelistv5 – Published: 2019-11-18 18:20 – Updated: 2024-08-04 19:12
    VLAI
    Summary
    authentication issues vulnerability, which exists in V2.1.14 and below versions of C520V21 smart camera devices. An attacker can automatically obtain access to web services from the authorized browser of the same computer and perform operations.
    Severity
    No CVSS data available.
    CWE
    • Authentication Issues
    Assigner
    zte
    References
    Impacted products
    Vendor Product Version
    ZTE Corporation C520V21 Affected: All versions up to V2.1.14
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T19:12:09.281Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1011842"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "C520V21",
              "vendor": "ZTE Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions up to V2.1.14"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "authentication issues vulnerability, which exists in V2.1.14 and below versions of C520V21 smart camera devices. An attacker can automatically obtain access to web services from the authorized browser of the same computer and perform operations."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Authentication Issues",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-11-18T18:20:23.000Z",
            "orgId": "6786b568-6808-4982-b61f-398b0d9679eb",
            "shortName": "zte"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1011842"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@zte.com.cn",
              "ID": "CVE-2019-3424",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "C520V21",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions up to V2.1.14"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "ZTE Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "authentication issues vulnerability, which exists in V2.1.14 and below versions of C520V21 smart camera devices. An attacker can automatically obtain access to web services from the authorized browser of the same computer and perform operations."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Authentication Issues"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1011842",
                  "refsource": "CONFIRM",
                  "url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1011842"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6786b568-6808-4982-b61f-398b0d9679eb",
        "assignerShortName": "zte",
        "cveId": "CVE-2019-3424",
        "datePublished": "2019-11-18T18:20:23.000Z",
        "dateReserved": "2018-12-31T00:00:00.000Z",
        "dateUpdated": "2024-08-04T19:12:09.281Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-3423 (GCVE-0-2019-3423)

    Vulnerability from cvelistv5 – Published: 2019-11-18 18:19 – Updated: 2024-08-04 19:12
    VLAI
    Summary
    permission and access control vulnerability, which exists in V2.1.14 and below versions of C520V21 smart camera devices. An attacker can construct a URL for directory traversal and access to other unauthorized files or resources.
    Severity
    No CVSS data available.
    CWE
    • Permission and Access Control
    Assigner
    zte
    References
    Impacted products
    Vendor Product Version
    ZTE Corporation C520V21 Affected: All versions up to V2.1.14
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T19:12:09.415Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1011842"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "C520V21",
              "vendor": "ZTE Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions up to V2.1.14"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "permission and access control vulnerability, which exists in V2.1.14 and below versions of C520V21 smart camera devices. An attacker can construct a URL for directory traversal and access to other unauthorized files or resources."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Permission and Access Control",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-11-18T18:19:44.000Z",
            "orgId": "6786b568-6808-4982-b61f-398b0d9679eb",
            "shortName": "zte"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1011842"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@zte.com.cn",
              "ID": "CVE-2019-3423",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "C520V21",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions up to V2.1.14"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "ZTE Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "permission and access control vulnerability, which exists in V2.1.14 and below versions of C520V21 smart camera devices. An attacker can construct a URL for directory traversal and access to other unauthorized files or resources."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Permission and Access Control"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1011842",
                  "refsource": "CONFIRM",
                  "url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1011842"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6786b568-6808-4982-b61f-398b0d9679eb",
        "assignerShortName": "zte",
        "cveId": "CVE-2019-3423",
        "datePublished": "2019-11-18T18:19:44.000Z",
        "dateReserved": "2018-12-31T00:00:00.000Z",
        "dateUpdated": "2024-08-04T19:12:09.415Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }