Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for zxhn_h2640_firmware by zte

    CVE-2021-21740 (GCVE-0-2021-21740)

    Vulnerability from nvd – Published: 2021-08-09 15:30 – Updated: 2024-08-03 18:23
    VLAI
    Summary
    There is an information leak vulnerability in the digital media player (DMS) of ZTE's residential gateway product. The attacker could insert the USB disk with the symbolic link into the residential gateway, and access unauthorized directory information through the symbolic link, causing information leak.
    Severity
    No CVSS data available.
    CWE
    • information leak
    Assigner
    zte
    References
    Impacted products
    Vendor Product Version
    n/a ZXHN H2640 Affected: V10.0.0C6_TY
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T18:23:29.257Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1017244"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "ZXHN H2640",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "V10.0.0C6_TY"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "There is an information leak vulnerability in the digital media player (DMS) of ZTE\u0027s residential gateway product. The attacker could insert the USB disk with the symbolic link into the residential gateway, and access unauthorized directory information through the symbolic link, causing information leak."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "information leak",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-08-09T15:30:12.000Z",
            "orgId": "6786b568-6808-4982-b61f-398b0d9679eb",
            "shortName": "zte"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1017244"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@zte.com.cn",
              "ID": "CVE-2021-21740",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "ZXHN H2640",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "V10.0.0C6_TY"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "There is an information leak vulnerability in the digital media player (DMS) of ZTE\u0027s residential gateway product. The attacker could insert the USB disk with the symbolic link into the residential gateway, and access unauthorized directory information through the symbolic link, causing information leak."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "information leak"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1017244",
                  "refsource": "MISC",
                  "url": "https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1017244"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6786b568-6808-4982-b61f-398b0d9679eb",
        "assignerShortName": "zte",
        "cveId": "CVE-2021-21740",
        "datePublished": "2021-08-09T15:30:12.000Z",
        "dateReserved": "2021-01-04T00:00:00.000Z",
        "dateUpdated": "2024-08-03T18:23:29.257Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-21740 (GCVE-0-2021-21740)

    Vulnerability from cvelistv5 – Published: 2021-08-09 15:30 – Updated: 2024-08-03 18:23
    VLAI
    Summary
    There is an information leak vulnerability in the digital media player (DMS) of ZTE's residential gateway product. The attacker could insert the USB disk with the symbolic link into the residential gateway, and access unauthorized directory information through the symbolic link, causing information leak.
    Severity
    No CVSS data available.
    CWE
    • information leak
    Assigner
    zte
    References
    Impacted products
    Vendor Product Version
    n/a ZXHN H2640 Affected: V10.0.0C6_TY
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T18:23:29.257Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1017244"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "ZXHN H2640",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "V10.0.0C6_TY"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "There is an information leak vulnerability in the digital media player (DMS) of ZTE\u0027s residential gateway product. The attacker could insert the USB disk with the symbolic link into the residential gateway, and access unauthorized directory information through the symbolic link, causing information leak."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "information leak",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-08-09T15:30:12.000Z",
            "orgId": "6786b568-6808-4982-b61f-398b0d9679eb",
            "shortName": "zte"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1017244"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@zte.com.cn",
              "ID": "CVE-2021-21740",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "ZXHN H2640",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "V10.0.0C6_TY"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "There is an information leak vulnerability in the digital media player (DMS) of ZTE\u0027s residential gateway product. The attacker could insert the USB disk with the symbolic link into the residential gateway, and access unauthorized directory information through the symbolic link, causing information leak."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "information leak"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1017244",
                  "refsource": "MISC",
                  "url": "https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1017244"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6786b568-6808-4982-b61f-398b0d9679eb",
        "assignerShortName": "zte",
        "cveId": "CVE-2021-21740",
        "datePublished": "2021-08-09T15:30:12.000Z",
        "dateReserved": "2021-01-04T00:00:00.000Z",
        "dateUpdated": "2024-08-03T18:23:29.257Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }