Authentication Bypass in ZTE ZXDSL 831CII Product by ZTE Corporation
CVE-2014-9184

Currently unrated

Key Information:

Vendor: Zte
Status: Zxdsl
Vendor: CVE Published:; 2 December 2014

What is CVE-2014-9184?

The ZTE ZXDSL 831CII is susceptible to an authentication bypass vulnerability, allowing malicious actors to gain unauthorized access to sensitive functionalities. This can be exploited through direct requests to specific scripts including main.cgi, adminpasswd.cgi, userpasswd.cgi, upload.cgi, conprocess.cgi, or connect.cgi, bypassing the standard authentication mechanisms and facilitating potential unauthorized control over the device.

References

http://packetstormsecurity.com/files/129015/ZTE-ZXDSL-831...

x_refsource_MISC

EPSS Score

6% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Dec 2, 2014

Zte

What is CVE-2014-9184?

References

EPSS Score

Timeline