Search criteria
4 vulnerabilities found for c520v21_firmware by ztehome
CVE-2019-3424 (GCVE-0-2019-3424)
Vulnerability from nvd – Published: 2019-11-18 18:20 – Updated: 2024-08-04 19:12
VLAI?
Summary
authentication issues vulnerability, which exists in V2.1.14 and below versions of C520V21 smart camera devices. An attacker can automatically obtain access to web services from the authorized browser of the same computer and perform operations.
Severity ?
No CVSS data available.
CWE
- Authentication Issues
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ZTE Corporation | C520V21 |
Affected:
All versions up to V2.1.14
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:12:09.281Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1011842"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "C520V21",
"vendor": "ZTE Corporation",
"versions": [
{
"status": "affected",
"version": "All versions up to V2.1.14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "authentication issues vulnerability, which exists in V2.1.14 and below versions of C520V21 smart camera devices. An attacker can automatically obtain access to web services from the authorized browser of the same computer and perform operations."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Authentication Issues",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-18T18:20:23.000Z",
"orgId": "6786b568-6808-4982-b61f-398b0d9679eb",
"shortName": "zte"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1011842"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@zte.com.cn",
"ID": "CVE-2019-3424",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "C520V21",
"version": {
"version_data": [
{
"version_value": "All versions up to V2.1.14"
}
]
}
}
]
},
"vendor_name": "ZTE Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "authentication issues vulnerability, which exists in V2.1.14 and below versions of C520V21 smart camera devices. An attacker can automatically obtain access to web services from the authorized browser of the same computer and perform operations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Authentication Issues"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1011842",
"refsource": "CONFIRM",
"url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1011842"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6786b568-6808-4982-b61f-398b0d9679eb",
"assignerShortName": "zte",
"cveId": "CVE-2019-3424",
"datePublished": "2019-11-18T18:20:23.000Z",
"dateReserved": "2018-12-31T00:00:00.000Z",
"dateUpdated": "2024-08-04T19:12:09.281Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-3423 (GCVE-0-2019-3423)
Vulnerability from nvd – Published: 2019-11-18 18:19 – Updated: 2024-08-04 19:12
VLAI?
Summary
permission and access control vulnerability, which exists in V2.1.14 and below versions of C520V21 smart camera devices. An attacker can construct a URL for directory traversal and access to other unauthorized files or resources.
Severity ?
No CVSS data available.
CWE
- Permission and Access Control
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ZTE Corporation | C520V21 |
Affected:
All versions up to V2.1.14
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:12:09.415Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1011842"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "C520V21",
"vendor": "ZTE Corporation",
"versions": [
{
"status": "affected",
"version": "All versions up to V2.1.14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "permission and access control vulnerability, which exists in V2.1.14 and below versions of C520V21 smart camera devices. An attacker can construct a URL for directory traversal and access to other unauthorized files or resources."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Permission and Access Control",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-18T18:19:44.000Z",
"orgId": "6786b568-6808-4982-b61f-398b0d9679eb",
"shortName": "zte"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1011842"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@zte.com.cn",
"ID": "CVE-2019-3423",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "C520V21",
"version": {
"version_data": [
{
"version_value": "All versions up to V2.1.14"
}
]
}
}
]
},
"vendor_name": "ZTE Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "permission and access control vulnerability, which exists in V2.1.14 and below versions of C520V21 smart camera devices. An attacker can construct a URL for directory traversal and access to other unauthorized files or resources."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Permission and Access Control"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1011842",
"refsource": "CONFIRM",
"url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1011842"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6786b568-6808-4982-b61f-398b0d9679eb",
"assignerShortName": "zte",
"cveId": "CVE-2019-3423",
"datePublished": "2019-11-18T18:19:44.000Z",
"dateReserved": "2018-12-31T00:00:00.000Z",
"dateUpdated": "2024-08-04T19:12:09.415Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-3424 (GCVE-0-2019-3424)
Vulnerability from cvelistv5 – Published: 2019-11-18 18:20 – Updated: 2024-08-04 19:12
VLAI?
Summary
authentication issues vulnerability, which exists in V2.1.14 and below versions of C520V21 smart camera devices. An attacker can automatically obtain access to web services from the authorized browser of the same computer and perform operations.
Severity ?
No CVSS data available.
CWE
- Authentication Issues
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ZTE Corporation | C520V21 |
Affected:
All versions up to V2.1.14
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:12:09.281Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1011842"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "C520V21",
"vendor": "ZTE Corporation",
"versions": [
{
"status": "affected",
"version": "All versions up to V2.1.14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "authentication issues vulnerability, which exists in V2.1.14 and below versions of C520V21 smart camera devices. An attacker can automatically obtain access to web services from the authorized browser of the same computer and perform operations."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Authentication Issues",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-18T18:20:23.000Z",
"orgId": "6786b568-6808-4982-b61f-398b0d9679eb",
"shortName": "zte"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1011842"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@zte.com.cn",
"ID": "CVE-2019-3424",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "C520V21",
"version": {
"version_data": [
{
"version_value": "All versions up to V2.1.14"
}
]
}
}
]
},
"vendor_name": "ZTE Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "authentication issues vulnerability, which exists in V2.1.14 and below versions of C520V21 smart camera devices. An attacker can automatically obtain access to web services from the authorized browser of the same computer and perform operations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Authentication Issues"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1011842",
"refsource": "CONFIRM",
"url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1011842"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6786b568-6808-4982-b61f-398b0d9679eb",
"assignerShortName": "zte",
"cveId": "CVE-2019-3424",
"datePublished": "2019-11-18T18:20:23.000Z",
"dateReserved": "2018-12-31T00:00:00.000Z",
"dateUpdated": "2024-08-04T19:12:09.281Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-3423 (GCVE-0-2019-3423)
Vulnerability from cvelistv5 – Published: 2019-11-18 18:19 – Updated: 2024-08-04 19:12
VLAI?
Summary
permission and access control vulnerability, which exists in V2.1.14 and below versions of C520V21 smart camera devices. An attacker can construct a URL for directory traversal and access to other unauthorized files or resources.
Severity ?
No CVSS data available.
CWE
- Permission and Access Control
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ZTE Corporation | C520V21 |
Affected:
All versions up to V2.1.14
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:12:09.415Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1011842"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "C520V21",
"vendor": "ZTE Corporation",
"versions": [
{
"status": "affected",
"version": "All versions up to V2.1.14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "permission and access control vulnerability, which exists in V2.1.14 and below versions of C520V21 smart camera devices. An attacker can construct a URL for directory traversal and access to other unauthorized files or resources."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Permission and Access Control",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-18T18:19:44.000Z",
"orgId": "6786b568-6808-4982-b61f-398b0d9679eb",
"shortName": "zte"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1011842"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@zte.com.cn",
"ID": "CVE-2019-3423",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "C520V21",
"version": {
"version_data": [
{
"version_value": "All versions up to V2.1.14"
}
]
}
}
]
},
"vendor_name": "ZTE Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "permission and access control vulnerability, which exists in V2.1.14 and below versions of C520V21 smart camera devices. An attacker can construct a URL for directory traversal and access to other unauthorized files or resources."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Permission and Access Control"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1011842",
"refsource": "CONFIRM",
"url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1011842"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6786b568-6808-4982-b61f-398b0d9679eb",
"assignerShortName": "zte",
"cveId": "CVE-2019-3423",
"datePublished": "2019-11-18T18:19:44.000Z",
"dateReserved": "2018-12-31T00:00:00.000Z",
"dateUpdated": "2024-08-04T19:12:09.415Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}