N/A

All versions up to V1.0.0B05 of ZTE MF65 and all versions up to V1.0.0B02 of ZTE MF65M1 are impacted by cross-site scripting vulnerability. Due to improper neutralization of input during web page generation, an attacker could exploit this vulnerability to conduct reflected XSS or HTML injection attacks on the devices.

N/A

N/A

ZTE MF65和ZTE MF65M1 跨站脚本漏洞

ZTE MF65和ZTE MF65M1都是中国中兴通讯（ZTE）公司的无线上网卡产品。 ZTE MF65 V1.0.0B05之前版本和ZTE MF65M1 V1.0.0B02之前版本中存在跨站脚本漏洞，该漏洞源于程序没有正确的过滤输入。远程攻击者可通过向URL链接中注入恶意的JavaScript代码利用该漏洞损坏设备。

N/A

N/A