Remote Access Vulnerability in ZTE ZXHN H108N and ZXV10 W300 Devices
CVE-2015-8703

6.5MEDIUM

Key Information:

Vendor

Zte

Status
Zxhn H108n R1a Firmware
Vendor
CVE Published:
30 December 2015

What is CVE-2015-8703?

ZTE ZXHN H108N R1A and ZXV10 W300 devices are exposed to a significant vulnerability that allows remote authenticated users to bypass critical access controls. This flaw enables them to read sensitive configuration files, thereby gaining unauthorized access to credentials and encryption keys. The issue stems from improper safeguards within the device firmware, which could lead to further exploitation if left unresolved. This vulnerability is distinct from other known vulnerabilities such as CVE-2015-7248, marking it as a serious concern for affected users.

References

http://www.securityfocus.com/bid/77421
vdb-entryx_refsource_BID
https://www.kb.cert.org/vuls/id/BLUU-9ZDJWA
x_refsource_CONFIRM
https://www.kb.cert.org/vuls/id/391604
third-party-advisoryx_refsource_CERT-VN

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.