VYPR

ZXCDN

by Zte

CVEs (3)

  • CVE-2025-46581CriOct 14, 2025
    risk 0.64cvss 9.8epss 0.01

    ZTE's ZXCDN product is affected by a Struts remote code execution (RCE) vulnerability. An unauthenticated attacker can remotely execute commands with non-root privileges.

  • CVE-2017-10936HigJul 25, 2018
    risk 0.49cvss 7.5epss 0.01

    SQL injection vulnerability in all versions prior to V4.01.01 of the ZTE ZXCDN-SNS product allows remote attackers to execute arbitrary SQL commands via the aoData parameter, resulting in the disclosure of database information.

  • CVE-2022-23137MedMay 11, 2022
    risk 0.40cvss 6.1epss 0.01

    ZTE's ZXCDN product has a reflective XSS vulnerability. The attacker could modify the parameters in the content clearing request url, and when a user clicks the url, an XSS attack will be triggered.