Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-22067

ZTE NH8091 product has an improper permission control vulnerability. Due to improper permission control of the Web module interface, an authenticated attacker may exploit the vulnerability to execute arbitrary commands.

Published

2024-11-18T07:15:17.370

Last Modified

2025-03-13T17:15:28.333

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 6.8 (MEDIUM)

Weaknesses

Type: Primary
NVD-CWE-noinfo
Type: Secondary
CWE-284

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	zte	nh8091_firmware	znh8091v1.8	Yes
Hardware	zte	nh8091	-	No

References

https://support.zte.com.cn/zte-iccp-isupport-webui/bulletin/detail/6179526095692935173 Vendor Advisory ([email protected])