Configuration Defect in ZTELink for iOS Causes WiFi Service Accessibility Issues
CVE-2025-26708

4.2MEDIUM

Key Information:

Vendor: Zte
Status: Mu5120
Vendor: CVE Published:; 7 March 2025

What is CVE-2025-26708?

A configuration defect has been identified in ZTELink version 5.4.9 for iOS. This vulnerability stems from an issue with the WiFi parameter configuration, which can be exploited by attackers to gain unauthorized access to the WiFi service. Users are advised to review their current configurations and apply necessary security measures to mitigate potential risks. For further information, refer to ZTE's official support link.

Affected Version(s)

MU5120 ZTELink 5.4.0

References

https://support.zte.com.cn/zte-iccp-isupport-webui/bullet...

CVSS V3.1

Score:

4.2

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 7, 2025
Vulnerability Reserved
Feb 14, 2025

Zte

What is CVE-2025-26708?

Affected Version(s)

References

CVSS V3.1

Timeline