Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for zxupn-9000e_firmware by zte

    CVE-2019-3426 (GCVE-0-2019-3426)

    Vulnerability from nvd – Published: 2019-11-08 18:29 – Updated: 2024-08-04 19:12
    VLAI
    Summary
    The 9000EV5.0R1B12 version, and all earlier versions of ZTE product ZXUPN-9000E are impacted by the input validation vulnerability. An attacker could exploit this vulnerability for unauthorized operations.
    Severity
    No CVSS data available.
    CWE
    • input validation
    Assigner
    zte
    References
    Impacted products
    Vendor Product Version
    ZTE Corporation ZXUPN-9000E Affected: All versions up to 9000EV5.0R1B12
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T19:12:09.475Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1011683"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "ZXUPN-9000E",
              "vendor": "ZTE Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions up to 9000EV5.0R1B12"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The 9000EV5.0R1B12 version, and all earlier versions of ZTE product ZXUPN-9000E are impacted by the input validation vulnerability. An attacker could exploit this vulnerability for unauthorized operations."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "input validation",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-11-08T18:29:03.000Z",
            "orgId": "6786b568-6808-4982-b61f-398b0d9679eb",
            "shortName": "zte"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1011683"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@zte.com.cn",
              "ID": "CVE-2019-3426",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "ZXUPN-9000E",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions up to 9000EV5.0R1B12"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "ZTE Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The 9000EV5.0R1B12 version, and all earlier versions of ZTE product ZXUPN-9000E are impacted by the input validation vulnerability. An attacker could exploit this vulnerability for unauthorized operations."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "input validation"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1011683",
                  "refsource": "CONFIRM",
                  "url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1011683"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6786b568-6808-4982-b61f-398b0d9679eb",
        "assignerShortName": "zte",
        "cveId": "CVE-2019-3426",
        "datePublished": "2019-11-08T18:29:03.000Z",
        "dateReserved": "2018-12-31T00:00:00.000Z",
        "dateUpdated": "2024-08-04T19:12:09.475Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-3425 (GCVE-0-2019-3425)

    Vulnerability from nvd – Published: 2019-11-08 18:28 – Updated: 2024-08-04 19:12
    VLAI
    Summary
    The 9000EV5.0R1B12 version, and all earlier versions of ZTE product ZXUPN-9000E are impacted by vulnerability of permission and access control. An attacker could exploit this vulnerability to directly reset or change passwords of other accounts.
    Severity
    No CVSS data available.
    CWE
    • permission and access control
    Assigner
    zte
    References
    Impacted products
    Vendor Product Version
    ZTE Corporation ZXUPN-9000E Affected: All versions up to 9000EV5.0R1B12
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T19:12:09.535Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1011683"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "ZXUPN-9000E",
              "vendor": "ZTE Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions up to 9000EV5.0R1B12"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The 9000EV5.0R1B12 version, and all earlier versions of ZTE product ZXUPN-9000E are impacted by vulnerability of permission and access control. An attacker could exploit this vulnerability to directly reset or change passwords of other accounts."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "permission and access control",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-11-08T18:28:27.000Z",
            "orgId": "6786b568-6808-4982-b61f-398b0d9679eb",
            "shortName": "zte"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1011683"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@zte.com.cn",
              "ID": "CVE-2019-3425",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "ZXUPN-9000E",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions up to 9000EV5.0R1B12"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "ZTE Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The 9000EV5.0R1B12 version, and all earlier versions of ZTE product ZXUPN-9000E are impacted by vulnerability of permission and access control. An attacker could exploit this vulnerability to directly reset or change passwords of other accounts."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "permission and access control"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1011683",
                  "refsource": "CONFIRM",
                  "url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1011683"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6786b568-6808-4982-b61f-398b0d9679eb",
        "assignerShortName": "zte",
        "cveId": "CVE-2019-3425",
        "datePublished": "2019-11-08T18:28:27.000Z",
        "dateReserved": "2018-12-31T00:00:00.000Z",
        "dateUpdated": "2024-08-04T19:12:09.535Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-3426 (GCVE-0-2019-3426)

    Vulnerability from cvelistv5 – Published: 2019-11-08 18:29 – Updated: 2024-08-04 19:12
    VLAI
    Summary
    The 9000EV5.0R1B12 version, and all earlier versions of ZTE product ZXUPN-9000E are impacted by the input validation vulnerability. An attacker could exploit this vulnerability for unauthorized operations.
    Severity
    No CVSS data available.
    CWE
    • input validation
    Assigner
    zte
    References
    Impacted products
    Vendor Product Version
    ZTE Corporation ZXUPN-9000E Affected: All versions up to 9000EV5.0R1B12
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T19:12:09.475Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1011683"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "ZXUPN-9000E",
              "vendor": "ZTE Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions up to 9000EV5.0R1B12"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The 9000EV5.0R1B12 version, and all earlier versions of ZTE product ZXUPN-9000E are impacted by the input validation vulnerability. An attacker could exploit this vulnerability for unauthorized operations."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "input validation",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-11-08T18:29:03.000Z",
            "orgId": "6786b568-6808-4982-b61f-398b0d9679eb",
            "shortName": "zte"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1011683"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@zte.com.cn",
              "ID": "CVE-2019-3426",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "ZXUPN-9000E",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions up to 9000EV5.0R1B12"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "ZTE Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The 9000EV5.0R1B12 version, and all earlier versions of ZTE product ZXUPN-9000E are impacted by the input validation vulnerability. An attacker could exploit this vulnerability for unauthorized operations."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "input validation"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1011683",
                  "refsource": "CONFIRM",
                  "url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1011683"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6786b568-6808-4982-b61f-398b0d9679eb",
        "assignerShortName": "zte",
        "cveId": "CVE-2019-3426",
        "datePublished": "2019-11-08T18:29:03.000Z",
        "dateReserved": "2018-12-31T00:00:00.000Z",
        "dateUpdated": "2024-08-04T19:12:09.475Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-3425 (GCVE-0-2019-3425)

    Vulnerability from cvelistv5 – Published: 2019-11-08 18:28 – Updated: 2024-08-04 19:12
    VLAI
    Summary
    The 9000EV5.0R1B12 version, and all earlier versions of ZTE product ZXUPN-9000E are impacted by vulnerability of permission and access control. An attacker could exploit this vulnerability to directly reset or change passwords of other accounts.
    Severity
    No CVSS data available.
    CWE
    • permission and access control
    Assigner
    zte
    References
    Impacted products
    Vendor Product Version
    ZTE Corporation ZXUPN-9000E Affected: All versions up to 9000EV5.0R1B12
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T19:12:09.535Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1011683"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "ZXUPN-9000E",
              "vendor": "ZTE Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions up to 9000EV5.0R1B12"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The 9000EV5.0R1B12 version, and all earlier versions of ZTE product ZXUPN-9000E are impacted by vulnerability of permission and access control. An attacker could exploit this vulnerability to directly reset or change passwords of other accounts."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "permission and access control",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-11-08T18:28:27.000Z",
            "orgId": "6786b568-6808-4982-b61f-398b0d9679eb",
            "shortName": "zte"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1011683"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@zte.com.cn",
              "ID": "CVE-2019-3425",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "ZXUPN-9000E",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions up to 9000EV5.0R1B12"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "ZTE Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The 9000EV5.0R1B12 version, and all earlier versions of ZTE product ZXUPN-9000E are impacted by vulnerability of permission and access control. An attacker could exploit this vulnerability to directly reset or change passwords of other accounts."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "permission and access control"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1011683",
                  "refsource": "CONFIRM",
                  "url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1011683"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6786b568-6808-4982-b61f-398b0d9679eb",
        "assignerShortName": "zte",
        "cveId": "CVE-2019-3425",
        "datePublished": "2019-11-08T18:28:27.000Z",
        "dateReserved": "2018-12-31T00:00:00.000Z",
        "dateUpdated": "2024-08-04T19:12:09.535Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }