Unauthorized Resource Access in ZXR10 1800-2S by ZTE
CVE-2017-10930

9.8CRITICAL

Key Information:

Vendor: Zte
Status: Zx10 1800-2s
Vendor: CVE Published:; 19 September 2017

What is CVE-2017-10930?

In ZTE's ZXR10 1800-2S before version 3.00.40, a flaw allows unauthorized actors to gain access to restricted resources, enabling ordinary users to download sensitive configuration files. This weakness could lead to the exposure of critical information, including administrator accounts and passwords, posing significant security risks.

Affected Version(s)

ZX10 1800-2S All versions prior to V3.00.40

References

http://support.zte.com.cn/support/news/LoopholeInfoDetail...

x_refsource_MISC

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 19, 2017
Vulnerability Reserved
Jul 5, 2017

Zte

What is CVE-2017-10930?

Affected Version(s)

References

CVSS V3.1

Timeline