CVE-2014-9184
ZTE ZXDSL 831CII allows remote attackers to bypass authentication via a direct request to (1) main.cgi, (2) adminpasswd.cgi, (3) userpasswd.cgi, (4) upload.cgi, (5) conprocess.cgi, or (6) connect.cgi.
Published
2014-12-02T18:59:02.353
Last Modified
2025-04-12T10:46:40.837
Status
Deferred
Source
[email protected]
Severity
CVSSv2: 5.0 (MEDIUM)
CVSSv2 Vector
AV:N/AC:L/Au:N/C:N/I:P/A:N
- Access Vector: NETWORK
- Access Complexity: LOW
- Authentication: NONE
- Confidentiality Impact: NONE
- Integrity Impact: PARTIAL
- Availability Impact: NONE
Exploitability Score
10.0
Impact Score
2.9
Weaknesses
Affected Vendors & Products
| Type |
Vendor |
Product |
Version/Range |
Vulnerable? |
| Hardware |
zte
|
zxdsl
|
831cii |
Yes
|
References