5 matches found
CVE-2015-7259
ZTE ADSL ZXV10 W300 modems (W300V2.1.0f_ER7_PE_O57, W300V2.1.0h_ER7_PE_O57) expose an authentication flaw where a remote authenticated user can log in to a target account using any valid username/password pair, effectively enabling unauthorized access via multiple credential pairs (information di...
CVE-2015-7259
ZTE ADSL ZXV10 W300 modems W300V2.1.0fER7PEO57 and W300V2.1.0hER7PEO57 allow user accounts to have multiple valid username and password pairs, which allows remote authenticated users to login to a target account via any of its username and password pairs...
ZTE ADSL ZXV10 W300 Authorization / Disclosure / Backdoor
Exploit Title: ZTE ADSL ZXV10 W300 modems - Multiple vulnerabilities Discovered by: Karn Ganeshen Vendor Homepage: www.zte.com.cn Versions Reported: W300V2.1.0fER7PEO57 and W300V2.1.0hER7PEO57 CVE-ID: CVE-2015-7257 CVE-2015-7258 CVE-2015-7259 Note: Large deployment size, primarily in Peru, used b...
ZTE ADSL ZXV10 W300 Modems - Multiple Vulnerabilities
ZTE ADSL ZXV10 W300 Modems - Multiple Vulnerabilities Exploit Title: ZTE ADSL ZXV10 W300 modems - Multiple vulnerabilities Discovered by: Karn Ganeshen Vendor Homepage: www.zte.com.cn Versions Reported: W300V2.1.0fER7PEO57 and W300V2.1.0hER7PEO57 CVE-ID: CVE-2015-7257 CVE-2015-7258 CVE-2015-7259...
ZTE ADSL Authorization Bypass / Information Disclosure
ZTE ADSL modems - Multiple vulnerabilities Confirmed on 2 of multiple software versions - W300V2.1.0fER7PEO57 and W300V2.1.0hER7PEO57 1 Insufficient authorization controls CVE-ID: CVE-2015-7257 Observed in Password Change functionality. Other functions may be vulnerable as well. Expected behavior...