VYPR
Unrated severityNVD Advisory· Published Jan 9, 2026· Updated Jan 9, 2026

ZTE MF258K Pro Version Server has a Configuration Defect Vulnerability

CVE-2025-66315

Description

There is a configuration defect vulnerability in the version server of ZTE MF258K Pro products. Due to improper directory permission settings, an attacker can execute write permissions in a specific directory.

Affected products

2
  • Zte/MF258K Prollm-create2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: ZTE_MF258kPRO_PLAY_V1.0.0B03

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.