CVE-2019-3426

The 9000EV5.0R1B12 version, and all earlier versions of ZTE product ZXUPN-9000E are impacted by the input validation vulnerability. An attacker could exploit this vulnerability for unauthorized operations...

CVE-2019-3425

The 9000EV5.0R1B12 version, and all earlier versions of ZTE product ZXUPN-9000E are impacted by vulnerability of permission and access control. An attacker could exploit this vulnerability to directly reset or change passwords of other accounts...

CVE-2019-3425

The 9000EV5.0R1B12 version, and all earlier versions of ZTE product ZXUPN-9000E are impacted by vulnerability of permission and access control. An attacker could exploit this vulnerability to directly reset or change passwords of other accounts...

CVE-2019-3426

The 9000EV5.0R1B12 version, and all earlier versions of ZTE product ZXUPN-9000E are impacted by the input validation vulnerability. An attacker could exploit this vulnerability for unauthorized operations...

CVE-2019-3426

The 9000EV5.0R1B12 version, and all earlier versions of ZTE product ZXUPN-9000E are impacted by the input validation vulnerability. An attacker could exploit this vulnerability for unauthorized operations...

Design/Logic Flaw

The 9000EV5.0R1B12 version, and all earlier versions of ZTE product ZXUPN-9000E are impacted by vulnerability of permission and access control. An attacker could exploit this vulnerability to directly reset or change passwords of other accounts...

CVE-2019-3426

The 9000EV5.0R1B12 version, and all earlier versions of ZTE product ZXUPN-9000E are impacted by the input validation vulnerability. An attacker could exploit this vulnerability for unauthorized operations...

CVE-2019-3425

The 9000EV5.0R1B12 version, and all earlier versions of ZTE product ZXUPN-9000E are impacted by vulnerability of permission and access control. An attacker could exploit this vulnerability to directly reset or change passwords of other accounts...

CVE-2019-3425

CVE-2019-3425 affects ZTE ZXUPN-9000E devices (9000EV5.0R1B12 and earlier). The vulnerability is a permission/access-control flaw in the 9000E platform that allows an attacker to directly reset or change passwords on other accounts. Connected documents corroborate the same issue across multiple s...

ZTE 9000E Privilege Permission and Access Control Issues Vulnerability

The ZTE 9000E is a carrier-grade multi-service packet platform product from China's ZTE Corporation ZTE. A privilege permission and access control issue vulnerability exists in ZTE 9000E 9000EV5.0R1B12 and earlier versions, which can be exploited by an attacker to directly setup and change the...

Design/Logic Flaw

The management web interface in Alcatel-Lucent OmniSwitch 6450, 6250, 6850E, 9000E, 6400, and 6855 with firmware before 6.6.4.309.R01 and 6.6.5.x before 6.6.5.80.R02 generates weak session identifiers, which allows remote attackers to hijack arbitrary sessions via a brute force attack...

Alcatel-Lucent OmniSwitch Web Interface Weak Session ID Vulnerability

Vulnerability in the management web interface of an Alcatel-Lucent OmniSwitch 6450. This interface uses easily guessable session IDs, which allows attackers to authenticate as a currently logged-in user and perform administrative tasks Details ======= Product: Alcatel-Lucent OmniSwitch 6450, 6250...