Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-39069

There is a SQL injection vulnerability in ZTE ZAIP-AIE. Due to lack of input verification by the server, an attacker could trigger an attack by building malicious requests. Exploitation of this vulnerability could cause the leakage of the current table content.

Published

2022-11-08T18:15:11.343

Last Modified

2025-05-01T14:15:27.523

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 5.3 (MEDIUM)

Weaknesses

Type: Primary
CWE-89
Type: Secondary
CWE-89

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	zte	zaip-aie	< 8.22.02	Yes

References

https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1026604 Vendor Advisory ([email protected])
https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1026604 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)