VYPR

ZXV10 W300

by Zte

CVEs (3)

  • CVE-2015-7259HigAug 24, 2017
    risk 0.61cvss 8.8epss 0.09

    ZTE ADSL ZXV10 W300 modems W300V2.1.0f_ER7_PE_O57 and W300V2.1.0h_ER7_PE_O57 allow user accounts to have multiple valid username and password pairs, which allows remote authenticated users to login to a target account via any of its username and password pairs.

  • CVE-2015-7258HigAug 24, 2017
    risk 0.61cvss 8.8epss 0.13

    ZTE ADSL ZXV10 W300 modems W300V2.1.0f_ER7_PE_O57 and W300V2.1.0h_ER7_PE_O57 allow remote authenticated users to obtain user passwords by displaying user information in a Telnet connection.

  • CVE-2015-7257HigAug 24, 2017
    risk 0.52cvss 7.5epss 0.07

    ZTE ADSL ZXV10 W300 modems W300V2.1.0f_ER7_PE_O57 and W300V2.1.0h_ER7_PE_O57 allow remote authenticated non-administrator users to change the admin password by intercepting an outgoing password change request, and changing the username parameter from "support" to "admin".