CVE-2018-7360

Published: Nov 16, 2018Modified: Nov 21, 2024

6.5

Vector

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 2.8 / Impact: 3.6

Source: NVD

Description

All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by information exposure vulnerability, which may allow an unauthenticated attacker to get the GPON SN information via appviahttp service.

Affected (1)

Products: Zte: Zxhn F670 Firmware

Zte

1 product

Zxhn F670 Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zte Zxhn F670 Firmware	Before 1.1.10p3t18

Running on/with	Platform Versions
Zte Zxhn F670	All versions

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (2)

http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1009383

Source: psirt@zte.com.cn

Vendor Advisory

http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1009383

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.