Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-23141

ZXMP M721 has an information leak vulnerability. Since the serial port authentication on the ZBOOT interface is not effective although it is enabled, an attacker could use this vulnerability to log in to the device to obtain sensitive information.

Published

2022-07-15T15:15:08.097

Last Modified

2024-11-21T06:48:05.130

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

Weaknesses

Type: Primary
CWE-532

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	zte	zxmp_m721_firmware	commond21bootv100004_ls1045	Yes
Hardware	zte	zxmp_m721	-	No

References

https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1025264 Vendor Advisory ([email protected])
https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1025264 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)