ZTE ZXCDN-SNS SQL Injection Vulnerability

ZTE ZXCDN-SNS is a hardware device from ZTE Corporation ZTE, China. A SQL injection vulnerability exists in ZTE ZXCDN-SNS versions prior to 4.01.01. A remote attacker can exploit this vulnerability by executing arbitrary SQL commands with the help of the 'aoData' parameter to disclose information...

CVE-2017-10936

SQL injection vulnerability in all versions prior to V4.01.01 of the ZTE ZXCDN-SNS product allows remote attackers to execute arbitrary SQL commands via the aoData parameter, resulting in the disclosure of database information...