VYPR
Vendor

Zte

Products
141
CVEs
179
Across products
124
Status
Private

Products

141
View all 141 products →

Recent CVEs

179
View all 179 CVEs →
  • CVE-2015-7251CriDec 30, 2015
    risk 0.68cvss 9.8epss 0.11

    ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE have a hardcoded password of root for the root account, which allows remote attackers to obtain administrative access via a TELNET session.

  • CVE-2025-46581CriOct 14, 2025
    risk 0.64cvss 9.8epss 0.01

    ZTE's ZXCDN product is affected by a Struts remote code execution (RCE) vulnerability. An unauthenticated attacker can remotely execute commands with non-root privileges.

  • CVE-2024-45415CriSep 16, 2024
    risk 0.64cvss 9.8epss 0.00

    The HTTPD binary in multiple ZTE routers has a stack-based buffer overflow vulnerability in check_data_integrity function. This function is responsible for validating the checksum of data in post request. The checksum is sent encrypted in the request, the function decrypts it…

  • CVE-2017-10934CriJul 25, 2018
    risk 0.64cvss 9.8epss 0.03

    All versions prior to V5.09.02.02T4 of the ZTE ZXIPTV-EPG product use the Java RMI service in which the servers use the Apache Commons Collections (ACC) library that may result in Java deserialization vulnerabilities. An unauthenticated remote attacker can exploit the…

  • CVE-2017-10932CriSep 28, 2017
    risk 0.64cvss 9.8epss 0.04

    All versions prior to V12.17.20 of the ZTE Microwave NR8000 series products - NR8120, NR8120A, NR8120, NR8150, NR8250, NR8000 TR and NR8950 are the applications of C/S architecture using the Java RMI service in which the servers use the Apache Commons Collections (ACC) library…

  • CVE-2017-10930CriSep 19, 2017
    risk 0.64cvss 9.8epss 0.01

    The ZXR10 1800-2S before v3.00.40 incorrectly restricts access to a resource from an unauthorized actor, resulting in ordinary users being able to download configuration files to steal information like administrator accounts and passwords.

  • CVE-2017-3216CriJun 20, 2017
    risk 0.64cvss 9.8epss 0.05

    WiMAX routers based on the MediaTek SDK (libmtk) that use a custom httpd plugin are vulnerable to an authentication bypass allowing a remote, unauthenticated attacker to gain administrator access to the device by performing an administrator password change on the device via a…

  • CVE-2015-7259HigAug 24, 2017
    risk 0.61cvss 8.8epss 0.09

    ZTE ADSL ZXV10 W300 modems W300V2.1.0f_ER7_PE_O57 and W300V2.1.0h_ER7_PE_O57 allow user accounts to have multiple valid username and password pairs, which allows remote authenticated users to login to a target account via any of its username and password pairs.

  • CVE-2015-7258HigAug 24, 2017
    risk 0.61cvss 8.8epss 0.13

    ZTE ADSL ZXV10 W300 modems W300V2.1.0f_ER7_PE_O57 and W300V2.1.0h_ER7_PE_O57 allow remote authenticated users to obtain user passwords by displaying user information in a Telnet connection.

  • CVE-2025-53558HigJul 31, 2025
    risk 0.59cvss 8.8epss 0.01

    ZXHN-F660T and ZXHN-F660A provided by ZTE Japan K.K. use a common credential for all installations. With the knowledge of the credential, an attacker may log in to the affected devices.

  • CVE-2017-16953HigDec 1, 2017
    risk 0.53cvss 7.5epss 0.11

    connoppp.cgi on ZTE ZXDSL 831CII devices does not require HTTP Basic Authentication, which allows remote attackers to modify the PPPoE configuration or set up a malicious configuration via a GET request.

  • CVE-2015-7250HigDec 30, 2015
    risk 0.53cvss 7.5epss 0.16

    Absolute path traversal vulnerability in cgi-bin/webproc on ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE allows remote attackers to read arbitrary files via a full pathname in the getpage parameter.

  • CVE-2026-34474HigMay 6, 2026
    risk 0.52cvss 7.5epss 0.25

    Sensitive data exposure leading to admin/WLAN credential leak in ZTE ZXHN H298A 1.1 and H108N 2.6. A crafted request to the router web interface can expose sensitive device and account information. In affected builds, the response may include the administrator password and WLAN…

  • CVE-2026-34473HigMay 6, 2026
    risk 0.52cvss 7.5epss 0.02

    Unauthenticated DoS in ZTE H8102E, H168N, H167A, H199A, H288A, H198A, H267A, H267N, H268A, H388X, H196A, H369A, H268N, H208N, H367N, H181A, and H196Q. A denial-of-service condition can be triggered against the router's web interface by sending an oversized…

  • CVE-2015-7257HigAug 24, 2017
    risk 0.52cvss 7.5epss 0.07

    ZTE ADSL ZXV10 W300 modems W300V2.1.0f_ER7_PE_O57 and W300V2.1.0h_ER7_PE_O57 allow remote authenticated non-administrator users to change the admin password by intercepting an outgoing password change request, and changing the username parameter from "support" to "admin".

  • CVE-2015-7248HigDec 30, 2015
    risk 0.52cvss 7.5epss 0.07

    ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE allow remote attackers to discover usernames and password hashes by reading the cgi-bin/webproc HTML source code, a different vulnerability than CVE-2015-8703.

  • CVE-2015-0974HigAug 28, 2017
    risk 0.51cvss 7.8epss 0.01

    Untrusted search path vulnerability in ZTE Datacard MF19 0V1.0.0B04 allows local users to gain privilege by modifying the 'Ucell Internet' directory to reference a malicious mms_dll_r.dll or mediaplayerdll.dll.

  • CVE-2025-46582HigOct 27, 2025
    risk 0.50cvss 7.7epss 0.00

    A private key disclosure vulnerability exists in ZTE's ZXMP M721 product. A low-privileged user can bypass authorization checks to view the device's communication private key, resulting in key exposure and impacting communication security.

  • CVE-2026-34472HigMar 30, 2026
    risk 0.49cvss 7.1epss 0.09

    Unauthenticated credential disclosure in the wizard interface in ZTE ZXHN H188A V6.0.10P2_TE and V6.0.10P3N3_TE allows unauthenticated attackers on the local network to retrieve sensitive credentials from the router's web management interface, including the default administrator…

  • CVE-2025-66314HigNov 27, 2025
    risk 0.49cvss 7.5epss 0.00

    Improper Privilege Management vulnerability in ZTE ElasticNet UME R32 on Linux allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects ElasticNet UME R32: ElasticNet_UME_R32_V16.23.20.04.