Two Vulnerabilities in Some ZTE Mobile Internet Products
CVE-2023-25642

5.9MEDIUM

Key Information:

Vendor

ZTE

Status
MC801A
MC801A1
Vendor
CVE Published:
14 December 2023

What is CVE-2023-25642?

There is a buffer overflow vulnerability in some ZTEĀ mobile internetĀ producsts. Due to insufficient validation of tcp port parameter,Ā an authenticated attacker could use the vulnerability to perform a denial of service attack.Ā 

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

MC801A Linux MC801A_Elisa3_B19

MC801A1 MC801A1_Elisa1_B04

References

https://support.zte.com.cn/support/news/LoopholeInfoDetai...

CVSS V3.1

Score:
5.9
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Adjacent Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.