MF971R
by Zte
CVEs (7)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-21745 | 0.03 | — | 0.56 | Oct 20, 2021 | ZTE MF971R product has a Referer authentication bypass vulnerability. Without CSRF verification, an attackercould use this vulnerability to perform illegal authorization operations by sending a request to the user to click. | |||
| CVE-2021-21748 | 0.00 | — | 0.02 | Oct 20, 2021 | ZTE MF971R product has two stack-based buffer overflow vulnerabilities. An attacker could exploit the vulnerabilities to execute arbitrary code. | |||
| CVE-2021-21749 | 0.00 | — | 0.02 | Oct 20, 2021 | ZTE MF971R product has two stack-based buffer overflow vulnerabilities. An attacker could exploit the vulnerabilities to execute arbitrary code. | |||
| CVE-2021-21743 | 0.00 | — | 0.01 | Oct 20, 2021 | ZTE MF971R product has a CRLF injection vulnerability. An attacker could exploit the vulnerability to modify the HTTP response header information through a specially crafted HTTP request. | |||
| CVE-2021-21744 | 0.00 | — | 0.01 | Oct 20, 2021 | ZTE MF971R product has a configuration file control vulnerability. An attacker could use this vulnerability to modify the configuration parameters of the device, causing some security functions of the device to be disabled. | |||
| CVE-2021-21747 | 0.00 | — | 0.01 | Oct 20, 2021 | ZTE MF971R product has reflective XSS vulnerability. An attacker could use the vulnerability to obtain cookie information. | |||
| CVE-2021-21746 | 0.00 | — | 0.01 | Oct 20, 2021 | ZTE MF971R product has reflective XSS vulnerability. An attacker could use the vulnerability to obtain cookie information. |
- CVE-2021-21745Oct 20, 2021risk 0.03cvss —epss 0.56
ZTE MF971R product has a Referer authentication bypass vulnerability. Without CSRF verification, an attackercould use this vulnerability to perform illegal authorization operations by sending a request to the user to click.
- CVE-2021-21748Oct 20, 2021risk 0.00cvss —epss 0.02
ZTE MF971R product has two stack-based buffer overflow vulnerabilities. An attacker could exploit the vulnerabilities to execute arbitrary code.
- CVE-2021-21749Oct 20, 2021risk 0.00cvss —epss 0.02
ZTE MF971R product has two stack-based buffer overflow vulnerabilities. An attacker could exploit the vulnerabilities to execute arbitrary code.
- CVE-2021-21743Oct 20, 2021risk 0.00cvss —epss 0.01
ZTE MF971R product has a CRLF injection vulnerability. An attacker could exploit the vulnerability to modify the HTTP response header information through a specially crafted HTTP request.
- CVE-2021-21744Oct 20, 2021risk 0.00cvss —epss 0.01
ZTE MF971R product has a configuration file control vulnerability. An attacker could use this vulnerability to modify the configuration parameters of the device, causing some security functions of the device to be disabled.
- CVE-2021-21747Oct 20, 2021risk 0.00cvss —epss 0.01
ZTE MF971R product has reflective XSS vulnerability. An attacker could use the vulnerability to obtain cookie information.
- CVE-2021-21746Oct 20, 2021risk 0.00cvss —epss 0.01
ZTE MF971R product has reflective XSS vulnerability. An attacker could use the vulnerability to obtain cookie information.