All versions up to ZXINOS-RESV1.01.43 of the ZTE ZXIN10 product European region are impacted by improper access control vulnerability. Due to improper access control to devcomm process, an unauthorized remote attacker can exploit this vulnerability to execute arbitrary code with root privileges.
References
Link | Resource |
---|---|
http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1009943 | Vendor Advisory |
https://github.com/orangecertcc/security-research/security/advisories/GHSA-34f2-7h57-rg7p | Exploit Third Party Advisory |
https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1009943 | Vendor Advisory |
Configurations
History
01 Mar 2023, 18:09
Type | Values Removed | Values Added |
---|---|---|
CWE | NVD-CWE-Other | |
References | (MISC) https://github.com/orangecertcc/security-research/security/advisories/GHSA-34f2-7h57-rg7p - Exploit, Third Party Advisory | |
References | (MISC) https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1009943 - Vendor Advisory |
26 Jan 2023, 21:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2018-12-07 14:29
Updated : 2023-12-10 12:44
NVD link : CVE-2018-7364
Mitre link : CVE-2018-7364
CVE.ORG link : CVE-2018-7364
JSON object : View
Products Affected
zte
- zxin10
CWE