CVE-2022-23144

There is a broken access control vulnerability in ZTE ZXvSTB product. Due to improper permission control, attackers could use this vulnerability to delete the default application type, which affects normal use of system...

ZTE ZXvSTB License Issue Vulnerability

ZTE ZXvSTB is a cloud-enabled set-top box from China's ZTE. The ZTE ZXvSTB suffers from an authorization issue vulnerability that stems from improper privilege control, which can be exploited by an attacker to remove the default application type and affect the normal use of the system...

CVE-2022-23144

There is a broken access control vulnerability in ZTE ZXvSTB product. Due to improper permission control, attackers could use this vulnerability to delete the default application type, which affects normal use of system...

CVE-2022-23144

There is a broken access control vulnerability in ZTE ZXvSTB product. Due to improper permission control, attackers could use this vulnerability to delete the default application type, which affects normal use of system...

Improper access control

There is a broken access control vulnerability in ZTE ZXvSTB product. Due to improper permission control, attackers could use this vulnerability to delete the default application type, which affects normal use of system...

CVE-2022-23144

There is a broken access control vulnerability in ZTE ZXvSTB product. Due to improper permission control, attackers could use this vulnerability to delete the default application type, which affects normal use of system...

CVE-2022-23144

There is a broken access control vulnerability in ZTE ZXvSTB product. Due to improper permission control, attackers could use this vulnerability to delete the default application type, which affects normal use of system...

ZTE ZXvSTB 安全漏洞

ZTE ZXvSTB is a cloud-enabled set-top box from China's ZTE. The ZTE ZXvSTB suffers from an authorization issue vulnerability that stems from improper privilege control, which can be exploited by an attacker to remove the default application type and affect the normal use of the system...

PT-2022-6467 · Zte · Zte Zxvstb

Name of the Vulnerable Software and Affected Versions: ZTE ZXvSTB affected versions not specified Description: The issue is related to broken access control in the ZTE ZXvSTB product, caused by improper permission control. This allows attackers to delete the default application type, affecting th...

Millet user Be careful a system vulnerability has been hacker caught-vulnerability warning-the black bar safety net

You use the Xiaomi mobile phone? You the MIUI system is a 7. 2 The stable version before the system? If Yes, then congratulations you won the lottery. Your phone will likely be hack via a remote code execution vulnerability in the control. ! Millet user Be careful a system vulnerability has been...

Default application configuration files are available for download

h3. Summary of The Bug By browsing to the following URL path user would be able to download any files under /confluence/WEB-INF/... code/s/1519/3/1.0//WEB-INF/...code The above URL will be accessible by any users including anonymous even to an instance that does not allow anonymous access h5. Not...

Default application files available for download via the application server.

see: https://jira.atlassian.com/browse/JRA-31187 e.g. https://fisheye2.atlassian.com/s/1519/3/1.0//WEB-INF/ and https://fisheye2.atlassian.com/s/1519/3/1.0//WEB-INF/web.xml . FishEye shouldn't write any user data to the WEB-INF directory. The only files which are viewable there, should be the sam...