N/A

All versions up to UKBB_WF820+_1.0.0B06 of ZTE WF820+ LTE Outdoor CPE product are impacted by command injection vulnerability. Due to inadequate parameter verification, unauthorized users can take advantage of this vulnerability to control the user terminal system.

N/A

N/A

ZTE WF820+ LTE Outdoor CPE 命令操作系统命令注入漏洞

ZTE WF820+ LTE Outdoor CPE是中国中兴通讯（ZTE）公司的一款室外CPE（Customer Premise Equipment）设备。 ZTE WF820+ LTE Outdoor CPE UKBB_WF820+_1.0.0B06之前版本中存在命令操作系统命令注入漏洞，该漏洞源于外部输入数据构造可执行命令过程中，网络系统或产品未正确过滤其中的特殊元素。攻击者可利用该漏洞执行非法命令。

N/A

N/A