Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-23144

There is a broken access control vulnerability in ZTE ZXvSTB product. Due to improper permission control, attackers could use this vulnerability to delete the default application type, which affects normal use of system.

Published

2022-09-23T15:15:12.687

Last Modified

2025-05-22T19:15:29.063

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 9.1 (CRITICAL)

Weaknesses
  • Type: Primary
    NVD-CWE-Other
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Operating System zte zxa10_b76hv3_firmware ≤ 2.01.02.01 Yes
Hardware zte zxa10_b76hv3 - No
Operating System zte zxa10_b766v2_firmware ≤ 2.01.02.01 Yes
Hardware zte zxa10_b766v2 - No
Operating System zte zxa10_b800v2_firmware ≤ 2.01.02.01 Yes
Hardware zte zxa10_b800v2 - No
Operating System zte zxa10_b860av2.1_firmware ≤ 2.01.02.01 Yes
Hardware zte zxa10_b860av2.1 - No
Operating System zte zxa10_b860h_firmware ≤ 2.01.02.01 Yes
Hardware zte zxa10_b860h - No
Operating System zte zxa10_b866v2-h_firmware ≤ 2.01.02.01 Yes
Hardware zte zxa10_b866v2-h - No
Operating System zte zxa10_b866v5-w10_firmware ≤ 2.01.02.01 Yes
Hardware zte zxa10_b866v5-w10 - No
Operating System zte zxa10_b960gv1_firmware ≤ 2.01.02.01 Yes
Hardware zte zxa10_b960gv1 - No
Operating System zte zxa10_b710c-a12_firmware ≤ 2.01.02.01 Yes
Hardware zte zxa10_b710c-a12 - No
Operating System zte zxa10_b710s2-a19_firmware ≤ 2.01.02.01 Yes
Hardware zte zxa10_b710s2-a19 - No
Operating System zte zxa10_b836ct-a15_firmware ≤ 2.01.02.01 Yes
Hardware zte zxa10_b836ct-a15 - No
Operating System zte zxa10_s100v_firmware ≤ 2.01.02.01 Yes
Hardware zte zxa10_s100v - No
Operating System zte zxa10_s200a_firmware ≤ 2.01.02.01 Yes
Hardware zte zxa10_s200a - No
Operating System zte zxa10_s200t_firmware ≤ 2.01.02.01 Yes
Hardware zte zxa10_s200t - No
Operating System zte zxa10_b700v7_firmware ≤ 2.01.02.01 Yes
Hardware zte zxa10_b700v7 - No
References