Information Disclosure Vulnerability in ZTE MU5250
CVE-2026-44409

5.7MEDIUM

Key Information:

Vendor: Zte
Status: Mu5250
Vendor: CVE Published:; 22 May 2026

What is CVE-2026-44409?

The ZTE MU5250 has an information disclosure vulnerability stemming from improper access control configurations. This flaw allows attackers to gain unauthorized information, exposing sensitive data and increasing the potential for data breaches. It's crucial for users and administrators of the ZTE MU5250 to review their security settings and implement recommended configurations to prevent unauthorized access.

Affected Version(s)

MU5250 BD_FLYMODEMMU5250V1.0.0B27

References

https://support.zte.com.cn/zte-iccp-isupport-webui/bullet...

CVSS V3.1

Score:

5.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 22, 2026
Vulnerability Reserved
May 6, 2026

Credit

Duc Anh Nguyen （from NTCS&TinyxLab）

CVE-2026-44409 Data

JSON