ZTE ZXV10 W300 Router firmware 1.0.0a_ZRD_LK

CPE Details

ZTE ZXV10 W300 Router firmware 1.0.0a_ZRD_LK
zte
zxv10_w300_firmware
1.0.0a_zrd_lk
2014-06-20
15h16 +00:00
2014-06-20
16h40 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:o:zte:zxv10_w300_firmware:1.0.0a_zrd_lk:*:*:*:*:*:*:*

Informations

Vendor

zte

Product

zxv10_w300_firmware

Version

1.0.0a_zrd_lk

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2015-8703 2015-12-30 01h00 +00:00 ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE and ZXV10 W300 devices W300V1.0.0f_ER1_PE allow remote authenticated users to bypass intended access restrictions, and discover credentials and keys, by reading the configuration file, a different vulnerability than CVE-2015-7248.
6.5
Medium
CVE-2014-4018 2014-07-16 12h00 +00:00 The ZTE ZXV10 W300 router with firmware W300V1.0.0a_ZRD_LK has a default password of admin for the admin account, which makes it easier for remote attackers to obtain access via unspecified vectors.
7.8
CVE-2014-4154 2014-07-16 12h00 +00:00 ZTE ZXV10 W300 router with firmware W300V1.0.0a_ZRD_LK stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain the PPPoE/PPPoA password via a direct request for basic/tc2wanfun.js.
5
CVE-2014-4155 2014-06-19 12h00 +00:00 Cross-site request forgery (CSRF) vulnerability in the ZTE ZXV10 W300 router with firmware W300V1.0.0a_ZRD_LK allows remote attackers to hijack the authentication of administrators for requests that change the admin password via a request to Forms/tools_admin_1.
6.8