Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Permission and Access Control Vulnerability in ZXV10 XT802/ET301
Vulnerability Description
There is a permission and access control vulnerability of ZTE's ZXV10 XT802/ET301 product.Attackers with common permissions can log in the terminal web and change the password of the administrator illegally by intercepting requests to change the passwords.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:L/A:L
Vulnerability Type
特权管理不恰当
Vulnerability Title
ZTE ZXV10 XT802和ZTE ZXV10 ET301 安全漏洞
Vulnerability Description
ZTE ZXV10 XT802和ZTE ZXV10 ET301都是中国中兴通讯(ZTE)公司的一款高清视频会议终端。 ZTE ZXV10 XT802 2.24.10P1之前版本和ZTE ZXV10 ET301 3.22.11P3之前版本存在安全漏洞,该漏洞源于存在权限改造漏洞,导致攻击者可以通过拦截修改密码的请求来非法登录终端网页和修改管理员密码。
CVSS Information
N/A
Vulnerability Type
N/A