CVE-2021-21736

2021-06-1011:28:57

zte

www.cve.org

7.2 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

36.9%

JSON

A smart camera product of ZTE is impacted by a permission and access control vulnerability. Due to the defect of user permission management by the cloud-end app, users whose sharing permissions have been revoked can still control the camera, such as restarting the camera, restoring factory settings, etc… This affects ZXHN HS562 V1.0.0.0B2.0000, V1.0.0.0B3.0000E

CNA Affected

[
  {
    "product": "ZXHN HS562",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "V1.0.0.0B2.0000, V1.0.0.0B3.0000"
      }
    ]
  }
]

References

support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1015964