There is a broken access control vulnerability in ZTE ZXvSTB product. Due to improper permission control, attackers could use this vulnerability to delete the default application type, which affects normal use of system.
[
{
"product": "ZXvSTB",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "All versions up to ZXvSTB-CAMSV2.01.02.01"
}
]
}
]