CSRF Vulnerability in ZTE ZXDSL Broadband Router
CVE-2012-4746

Currently unrated

Key Information:

Vendor: Zte
Status: Zxdsl
Vendor: CVE Published:; 31 August 2012

What is CVE-2012-4746?

A cross-site request forgery (CSRF) vulnerability exists in the accessaccount.cgi file of ZTE ZXDSL 831IIV7.5.0a_Z29_OV. This flaw enables remote adversaries to hijack administrative authentication. Exploitation of this vulnerability allows attackers to modify the administrator password by sending unauthorized requests containing the sysPassword parameter, potentially compromising the security of the device’s management interface. Proper safeguards should be implemented to mitigate this risk.

References

http://www.exploit-db.com/exploits/18722

exploitx_refsource_EXPLOIT-DB

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Aug 31, 2012

Zte

What is CVE-2012-4746?

References

Timeline