VYPR

MF258K Pro

by Zte

CVEs (2)

  • CVE-2024-22065MedOct 29, 2024
    risk 0.44cvss 6.8epss 0.01

    There is a command injection vulnerability in ZTE MF258 Pro product. Due to insufficient validation of Ping Diagnosis interface parameter, an authenticated attacker could use the vulnerability to execute arbitrary commands.

  • CVE-2025-66315Jan 9, 2026
    risk 0.00cvss epss 0.00

    There is a configuration defect vulnerability in the version server of ZTE MF258K Pro products. Due to improper directory permission settings, an attacker can execute write permissions in a specific directory.