There is a broken access control vulnerability in ZTE ZXvSTB product. Due to improper permission control, attackers could use this vulnerability to delete the default application type, which affects normal use of system.
References
Link | Resource |
---|---|
https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1026224 | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
Configuration 9 (hide)
AND |
|
Configuration 10 (hide)
AND |
|
Configuration 11 (hide)
AND |
|
Configuration 12 (hide)
AND |
|
Configuration 13 (hide)
AND |
|
Configuration 14 (hide)
AND |
|
Configuration 15 (hide)
AND |
|
History
08 Aug 2023, 14:21
Type | Values Removed | Values Added |
---|---|---|
CWE | NVD-CWE-Other |
26 Sep 2022, 19:01
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-59 | |
References | (MISC) https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1026224 - Vendor Advisory | |
First Time |
Zte zxa10 B800v2 Firmware
Zte zxa10 B710c-a12 Zte zxa10 B960gv1 Zte zxa10 S100v Zte zxa10 B836ct-a15 Zte zxa10 B700v7 Firmware Zte zxa10 B710c-a12 Firmware Zte zxa10 S200t Zte zxa10 B76hv3 Zte zxa10 S200t Firmware Zte zxa10 S100v Firmware Zte zxa10 B766v2 Zte zxa10 S200a Zte zxa10 B710s2-a19 Firmware Zte zxa10 B866v2-h Firmware Zte Zte zxa10 B766v2 Firmware Zte zxa10 B710s2-a19 Zte zxa10 B860av2.1 Zte zxa10 B866v5-w10 Zte zxa10 B860h Firmware Zte zxa10 B836ct-a15 Firmware Zte zxa10 B860av2.1 Firmware Zte zxa10 B76hv3 Firmware Zte zxa10 S200a Firmware Zte zxa10 B800v2 Zte zxa10 B860h Zte zxa10 B960gv1 Firmware Zte zxa10 B700v7 Zte zxa10 B866v5-w10 Firmware Zte zxa10 B866v2-h |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.1 |
CPE | cpe:2.3:h:zte:zxa10_b860h:-:*:*:*:*:*:*:* cpe:2.3:h:zte:zxa10_b710s2-a19:-:*:*:*:*:*:*:* cpe:2.3:o:zte:zxa10_s200a_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:zte:zxa10_b700v7:-:*:*:*:*:*:*:* cpe:2.3:o:zte:zxa10_b960gv1_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:zte:zxa10_b766v2:-:*:*:*:*:*:*:* cpe:2.3:h:zte:zxa10_b960gv1:-:*:*:*:*:*:*:* cpe:2.3:h:zte:zxa10_b836ct-a15:-:*:*:*:*:*:*:* cpe:2.3:h:zte:zxa10_s200t:-:*:*:*:*:*:*:* cpe:2.3:h:zte:zxa10_b860av2.1:-:*:*:*:*:*:*:* cpe:2.3:o:zte:zxa10_b76hv3_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:zte:zxa10_b860h_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:zte:zxa10_b866v2-h_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:zte:zxa10_b766v2_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:zte:zxa10_b866v5-w10_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:zte:zxa10_b800v2_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:zte:zxa10_b836ct-a15_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:zte:zxa10_s100v:-:*:*:*:*:*:*:* cpe:2.3:h:zte:zxa10_s200a:-:*:*:*:*:*:*:* cpe:2.3:o:zte:zxa10_b860av2.1_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:zte:zxa10_b700v7_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:zte:zxa10_b710c-a12_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:zte:zxa10_s200t_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:zte:zxa10_b710s2-a19_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:zte:zxa10_b710c-a12:-:*:*:*:*:*:*:* cpe:2.3:h:zte:zxa10_b76hv3:-:*:*:*:*:*:*:* cpe:2.3:h:zte:zxa10_b866v5-w10:-:*:*:*:*:*:*:* cpe:2.3:h:zte:zxa10_b866v2-h:-:*:*:*:*:*:*:* cpe:2.3:h:zte:zxa10_b800v2:-:*:*:*:*:*:*:* cpe:2.3:o:zte:zxa10_s100v_firmware:*:*:*:*:*:*:*:* |
23 Sep 2022, 15:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-09-23 15:15
Updated : 2023-12-10 14:35
NVD link : CVE-2022-23144
Mitre link : CVE-2022-23144
CVE.ORG link : CVE-2022-23144
JSON object : View
Products Affected
zte
- zxa10_b866v5-w10
- zxa10_s200t
- zxa10_s200a_firmware
- zxa10_b836ct-a15_firmware
- zxa10_b710c-a12_firmware
- zxa10_b860av2.1
- zxa10_b700v7_firmware
- zxa10_b866v5-w10_firmware
- zxa10_b766v2
- zxa10_b860h_firmware
- zxa10_s100v_firmware
- zxa10_b960gv1
- zxa10_b710s2-a19
- zxa10_b960gv1_firmware
- zxa10_b700v7
- zxa10_b710s2-a19_firmware
- zxa10_b860h
- zxa10_b766v2_firmware
- zxa10_s200a
- zxa10_b836ct-a15
- zxa10_b800v2_firmware
- zxa10_b860av2.1_firmware
- zxa10_b76hv3_firmware
- zxa10_b76hv3
- zxa10_s200t_firmware
- zxa10_b800v2
- zxa10_s100v
- zxa10_b710c-a12
- zxa10_b866v2-h
- zxa10_b866v2-h_firmware
CWE