CVE-2021-21751

Published: Dec 27, 2021Modified: Nov 21, 2024

8.1

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Exploitability: 2.8 / Impact: 5.2

Source: NVD

Description

ZTE BigVideo analysis product has an input verification vulnerability. Due to the inconsistency between the front and back verifications when configuring the large screen page, an attacker with high privileges could exploit this vulnerability to tamper with the URL and cause service exception.

Affected (1)

Products: Zte: Zxin10 Cms

Zte

1 product

Zxin10 Cms

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Zte Zxin10 Cms	Up to 3.01.01.04

References (2)

https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1021884

Source: psirt@zte.com.cn

Vendor Advisory

https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1021884

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.