Improper Access Control Vulnerability in ZTE ZXHN H168N Product
CVE-2018-7357

6.5MEDIUM

Key Information:

Vendor: Zte
Status: Zxhn H168n
Vendor: CVE Published:; 14 November 2018

What is CVE-2018-7357?

The ZTE ZXHN H168N product exhibits an improper access control vulnerability that could enable unauthorized users to gain access to sensitive areas of the device. This flaw exists in specific versions of the product and raises significant security concerns for users. It is crucial for organizations and individuals using affected versions to implement recommended updates to mitigate potential risks of unauthorized access.

Affected Version(s)

ZXHN H168N V2.2.0_PK1.2T5, V2.2.0_PK1.2T2, V2.2.0_PK11T7 and V2.2.0_PK11T

References

https://www.exploit-db.com/exploits/45972/

exploitx_refsource_EXPLOIT-DB

http://support.zte.com.cn/support/news/LoopholeInfoDetail...

x_refsource_CONFIRM

EPSS Score

39% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 14, 2018
Vulnerability Reserved
Feb 22, 2018

Zte

What is CVE-2018-7357?

Affected Version(s)

References

EPSS Score

CVSS V3.1

Timeline