Input validation

2021-01-2618:16:00

PRIOn knowledge base

www.prio-n.com

7.4 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

58.8%

JSON

Some ZTE products have a DoS vulnerability. Due to the improper handling of memory release in some specific scenarios, a remote attacker can trigger the vulnerability by performing a series of operations, resulting in memory leak, which may eventually lead to device denial of service. This affects: ZXR10 9904, ZXR10 9908, ZXR10 9916, ZXR10 9904-S, ZXR10 9908-S; all versions up to V1.01.10.B12.

CPENameOperatorVersion
zxr10_9904-s_firmwareeq<= v1.1.10.b12
zxr10_9904_firmwareeq<= v1.1.10.b12
zxr10_9908-s_firmwareeq<= v1.1.10.b12
zxr10_9908_firmwareeq<= v1.1.10.b12
zxr10_9916_firmwareeq<= v1.1.10.b12

Name	Operator	Version
zxr10_9904-s_firmware	eq	<= v1.1.10.b12
zxr10_9904_firmware	eq	<= v1.1.10.b12
zxr10_9908-s_firmware	eq	<= v1.1.10.b12
zxr10_9908_firmware	eq	<= v1.1.10.b12
zxr10_9916_firmware	eq	<= v1.1.10.b12

References

support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1014424