Unrated severityNVD Advisory· Published Oct 29, 2024· Updated Oct 29, 2024
ZTE MF258 Pro product has a OS Command injection vulnerability
CVE-2024-22065
Description
There is a command injection vulnerability in ZTE MF258 Pro product. Due to insufficient validation of Ping Diagnosis interface parameter, an authenticated attacker could use the vulnerability to execute arbitrary commands.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: ZTE_MF258PRO_STD_V1.0.0B03
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.