Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
There is an input validation vulnerability in a PON terminal product of ZTE, which supports the creation of WAN connections through WEB management pages. The front-end limits the length of the WAN connection name that is created, but the HTTP proxy is available to be used to bypass the limitation. An attacker can exploit the vulnerability to tamper with the parameter value. This affects: ZTE F680 V9.0.10P1N6
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
ZTE F680 输入验证错误漏洞
Vulnerability Description
ZTE F680是中国中兴通讯(ZTE)公司的一款外置天线双频的GPON家庭网关设备。 ZTE F680 V9.0.10P1N6版本中存在输入验证错误漏洞,该漏洞源于不正确的访问控制。攻击者可利用该漏洞篡改程序界面参数以执行未经身份验证的操作。
CVSS Information
N/A
Vulnerability Type
N/A