Lucene search
K

24 matches found

CNVD
CNVD
added 2025/10/17 12:0 a.m.7 views

ZTE ZXCDN Struts Remote Code Execution Vulnerability

ZTE ZXCDN is a unified network management platform from China's ZTE Corporation ZTE. ZTE ZXCDN suffers from a Struts remote code execution vulnerability, which can be exploited by an attacker to remotely execute commands with non-root privileges...

9.8CVSS6.5AI score0.00731EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/10/15 1:45 p.m.9 views

CVE-2025-46581

ZTE's ZXCDN product is affected by a Struts remote code execution RCE vulnerability. An unauthenticated attacker can remotely execute commands with non-root privileges...

9.8CVSS8.5AI score0.00731EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/14 8:54 a.m.5 views

CVE-2025-46581 ZTE ZXCDN product has a Struts RCE Vulnerability

ZTE's ZXCDN product is affected by a Struts remote code execution RCE vulnerability. An unauthenticated attacker can remotely execute commands with non-root privileges...

9.8CVSS8.2AI score0.00731EPSS
Exploits0References1
CVE
CVE
added 2025/10/14 8:54 a.m.13 views

CVE-2025-46581

CVE-2025-46581 affects ZTE ZXCDN, with an Apache Struts remote code execution vulnerability. An unauthenticated attacker can remotely execute commands with non-root privileges. Several connected sources corroborate a Struts-based RCE affecting ZXCDN, but none provide concrete product version(s) o...

9.8CVSS8.2AI score0.00731EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/14 8:54 a.m.6 views

CVE-2025-46581 ZTE ZXCDN product has a Struts RCE Vulnerability

ZTE's ZXCDN product is affected by a Struts remote code execution RCE vulnerability. An unauthenticated attacker can remotely execute commands with non-root privileges...

9.8CVSS0.00731EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/14 12:0 a.m.3 views

ZTE ZXCDN 安全漏洞

ZTE ZXCDN is a unified network management platform from ZTE Corporation ZTE, China. A security vulnerability exists in ZTE ZXCDN, which originates from an Apache Struts remote code execution vulnerability that could lead to remote command execution with non-root privileges...

9.8CVSS8AI score0.00731EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/10/14 12:0 a.m.3 views

PT-2025-41861

Name of the Vulnerable Software and Affected Versions ZTE ZXCDN product affected versions not specified Description The ZTE ZXCDN product is susceptible to a remote code execution RCE issue stemming from a flaw in the Struts framework. An attacker who does not need to be authenticated can execute...

9.8CVSS7.7AI score0.00731EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2017-2574

Malware in sbrugna...

7.5CVSS7.6AI score0.01336EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-13067

Malware in sbrugna...

6.5CVSS6.6AI score0.00885EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-28228

Malicious code in bioql PyPI...

6.1CVSS6.4AI score0.00525EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:33 a.m.7 views

CVE-2019-3428

The version V6.01.03.01 of ZTE ZXCDN IAMWEB product is impacted by a configuration error vulnerability. An attacker could directly access the management portal in HTTP, resulting in users’ information leakage...

6.5CVSS6.7AI score0.00885EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:33 a.m.9 views

CVE-2019-3427

The version V6.01.03.01 of ZTE ZXCDN IAMWEB product is impacted by a code injection vulnerability. An attacker could exploit the vulnerability to inject malicious code into the management page, resulting in users’ information leakage...

7.2CVSS7AI score0.0108EPSS
Exploits0References1
OSV
OSV
added 2022/05/11 4:15 p.m.4 views

CVE-2022-23137

ZTE's ZXCDN product has a reflective XSS vulnerability. The attacker could modify the parameters in the content clearing request url, and when a user clicks the url, an XSS attack will be triggered...

6.1CVSS5.7AI score0.00525EPSS
Exploits0References1
CNVD
CNVD
added 2021/05/20 12:0 a.m.6 views

ZXCDN Information Disclosure Vulnerability

ZTE ZXCDN IAMWEB is an authentication product from ZTE Corporation ZTE, China. ZXCDN suffers from an information leakage vulnerability, which can be exploited by an attacker to further analyze the information returned by the program to obtain some sensitive information...

4.9CVSS6.6AI score0.0079EPSS
Exploits0References1
NVD
NVD
added 2019/11/22 4:15 p.m.16 views

CVE-2019-3428

The version V6.01.03.01 of ZTE ZXCDN IAMWEB product is impacted by a configuration error vulnerability. An attacker could directly access the management portal in HTTP, resulting in users’ information leakage...

6.5CVSS6.4AI score0.00885EPSS
Exploits0References1
OSV
OSV
added 2019/11/22 4:15 p.m.4 views

CVE-2019-3428

The version V6.01.03.01 of ZTE ZXCDN IAMWEB product is impacted by a configuration error vulnerability. An attacker could directly access the management portal in HTTP, resulting in users’ information leakage...

6.5CVSS6.6AI score0.00885EPSS
Exploits0References1
Prion
Prion
added 2019/11/22 4:15 p.m.15 views

Code injection

The version V6.01.03.01 of ZTE ZXCDN IAMWEB product is impacted by a code injection vulnerability. An attacker could exploit the vulnerability to inject malicious code into the management page, resulting in users’ information leakage...

6.5CVSS6.9AI score0.0108EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2019/11/22 4:15 p.m.16 views

Design/Logic Flaw

The version V6.01.03.01 of ZTE ZXCDN IAMWEB product is impacted by a configuration error vulnerability. An attacker could directly access the management portal in HTTP, resulting in users’ information leakage...

4CVSS6.3AI score0.00885EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/11/22 3:49 p.m.20 views

CVE-2019-3428

The version V6.01.03.01 of ZTE ZXCDN IAMWEB product is impacted by a configuration error vulnerability. An attacker could directly access the management portal in HTTP, resulting in users’ information leakage...

6.4AI score0.00885EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/11/22 3:49 p.m.23 views

CVE-2019-3427

The version V6.01.03.01 of ZTE ZXCDN IAMWEB product is impacted by a code injection vulnerability. An attacker could exploit the vulnerability to inject malicious code into the management page, resulting in users’ information leakage...

7AI score0.0108EPSS
Exploits0References1
Rows per page
Query Builder