ZTE ZXvSTB License Issue Vulnerability

2022-09-2800:00:00

China National Vulnerability Database

www.cnvd.org.cn

zte zxvstb

cloud-based set-top box

authorization issue

vulnerability

improper permission control

default application type

system.

0.001 Low

EPSS

Percentile

43.8%

JSON

ZTE ZXvSTB is a cloud-based set-top box from ZTE Corporation (China).ZTE ZXvSTB has an authorization issue vulnerability, which stems from improper permission control, and an attacker can use the vulnerability to remove the default application type and affect the normal use of the system.

CPENameOperatorVersion
zte zxa10 b800v2 <=2.eq01.02.01
zte zxa10 b860av2.1 <=2.eq01.02.01
zte zxa10 b860h <=2.eq01.02.01
zte zxa10 b866v2-h <=2.eq01.02.01
zte zxa10 b866v5-w10 <=2.eq01.02.01
zte zxa10 b960gv1 <=2.eq01.02.01
zte zxa10 b710c-a12 <=2.eq01.02.01
zte zxa10 b710s2-a19 <=2.eq01.02.01
zte zxa10 b836ct-a15 <=2.eq01.02.01
zte zxa10 s100v <=2.eq01.02.01

Name	Operator	Version
zte zxa10 b800v2 <=2.	eq	01.02.01
zte zxa10 b860av2.1 <=2.	eq	01.02.01
zte zxa10 b860h <=2.	eq	01.02.01
zte zxa10 b866v2-h <=2.	eq	01.02.01
zte zxa10 b866v5-w10 <=2.	eq	01.02.01
zte zxa10 b960gv1 <=2.	eq	01.02.01
zte zxa10 b710c-a12 <=2.	eq	01.02.01
zte zxa10 b710s2-a19 <=2.	eq	01.02.01
zte zxa10 b836ct-a15 <=2.	eq	01.02.01
zte zxa10 s100v <=2.	eq	01.02.01

Rows per page:

1-10 of 131

0.001 Low

EPSS

Percentile

43.8%

JSON

Related for CNVD-2022-88193