VAR-201710-0182
Vulnerability from variot - Updated: 2025-04-20 23:29All versions prior to V2.06.00.00 of ZTE ZXDT22 SF01, an monitoring system of ZTE energy product, are impacted by directory traversal vulnerability that allows remote attackers to read arbitrary files on the system via a full path name after host address. ZTE ZXDT22 SF01 Contains a path traversal vulnerability.Information may be obtained. ZTEZXDT22SF01 is a DC power supply unit of China ZTE Corporation (ZTE). A directory traversal vulnerability exists in versions prior to ZTEZXDT22SF012.06.00.00. A remote attacker can exploit this vulnerability to read any file on the system
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201710-0182",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "zxdt22 sf01",
"scope": "lt",
"trust": 1.4,
"vendor": "zte",
"version": "2.06.00.00"
},
{
"model": "zxdt22 sf01",
"scope": "lte",
"trust": 1.0,
"vendor": "zte",
"version": "v2.06.00.00"
},
{
"model": "zxdt22 sf01",
"scope": "eq",
"trust": 0.6,
"vendor": "zte",
"version": "v2.06.00.00"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-32538"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009523"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-679"
},
{
"db": "NVD",
"id": "CVE-2017-10933"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:zte:zxdt22_sf01_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-009523"
}
]
},
"cve": "CVE-2017-10933",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2017-10933",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "CNVD-2017-32538",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-101305",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2017-10933",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-10933",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2017-10933",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2017-32538",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201710-679",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-101305",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-32538"
},
{
"db": "VULHUB",
"id": "VHN-101305"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009523"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-679"
},
{
"db": "NVD",
"id": "CVE-2017-10933"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "All versions prior to V2.06.00.00 of ZTE ZXDT22 SF01, an monitoring system of ZTE energy product, are impacted by directory traversal vulnerability that allows remote attackers to read arbitrary files on the system via a full path name after host address. ZTE ZXDT22 SF01 Contains a path traversal vulnerability.Information may be obtained. ZTEZXDT22SF01 is a DC power supply unit of China ZTE Corporation (ZTE). A directory traversal vulnerability exists in versions prior to ZTEZXDT22SF012.06.00.00. A remote attacker can exploit this vulnerability to read any file on the system",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-10933"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009523"
},
{
"db": "CNVD",
"id": "CNVD-2017-32538"
},
{
"db": "VULHUB",
"id": "VHN-101305"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-10933",
"trust": 3.1
},
{
"db": "ZTE",
"id": "1008582",
"trust": 2.3
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009523",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201710-679",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-32538",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-101305",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-32538"
},
{
"db": "VULHUB",
"id": "VHN-101305"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009523"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-679"
},
{
"db": "NVD",
"id": "CVE-2017-10933"
}
]
},
"id": "VAR-201710-0182",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-32538"
},
{
"db": "VULHUB",
"id": "VHN-101305"
}
],
"trust": 1.325
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-32538"
}
]
},
"last_update_date": "2025-04-20T23:29:33.556000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Directory Traversal Vulnerability in ZTE ZXDT22 SF01 Product",
"trust": 0.8,
"url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1008582"
},
{
"title": "ZTEZXDT22SF01 directory traversal vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/105299"
},
{
"title": "ZTE ZXDT22 SF01 Repair measures for path traversal vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=75690"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-32538"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009523"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-679"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-22",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-101305"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009523"
},
{
"db": "NVD",
"id": "CVE-2017-10933"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "http://support.zte.com.cn/support/news/loopholeinfodetail.aspx?newsid=1008582"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-10933"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-10933"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-32538"
},
{
"db": "VULHUB",
"id": "VHN-101305"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009523"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-679"
},
{
"db": "NVD",
"id": "CVE-2017-10933"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-32538"
},
{
"db": "VULHUB",
"id": "VHN-101305"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009523"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-679"
},
{
"db": "NVD",
"id": "CVE-2017-10933"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-11-02T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-32538"
},
{
"date": "2017-10-19T00:00:00",
"db": "VULHUB",
"id": "VHN-101305"
},
{
"date": "2017-11-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-009523"
},
{
"date": "2017-10-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201710-679"
},
{
"date": "2017-10-19T21:29:00.453000",
"db": "NVD",
"id": "CVE-2017-10933"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-11-02T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-32538"
},
{
"date": "2017-11-08T00:00:00",
"db": "VULHUB",
"id": "VHN-101305"
},
{
"date": "2017-11-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-009523"
},
{
"date": "2017-10-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201710-679"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2017-10933"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201710-679"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ZTE ZXDT22 SF01 Path traversal vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-009523"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-679"
}
],
"trust": 1.4
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "path traversal",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201710-679"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…