17 matches found
EUVD-2024-19663
Malicious code in bioql PyPI...
EUVD-2023-46273
Malicious code in bioql PyPI...
CVE-2024-22065
There is a command injection vulnerability in ZTE MF258 Pro product. Due to insufficient validation of Ping Diagnosis interface parameter, an authenticated attacker could use the vulnerability to execute arbitrary commands...
CVE-2023-41781
There is a Cross-site scripting XSS vulnerability in ZTE MF258. Due to insufficient input validation of SMS interface parameter, an XSS attack will be triggered...
CVE-2024-22065
There is a command injection vulnerability in ZTE MF258 Pro product. Due to insufficient validation of Ping Diagnosis interface parameter, an authenticated attacker could use the vulnerability to execute arbitrary commands...
CVE-2024-22065
CVE-2024-22065 describes a command‑injection vulnerability in ZTE MF258 Pro routers. The issue stems from insufficient validation of the Ping Diagnosis interface parameter, enabling an authenticated attacker to execute arbitrary commands. Public sources consistently identify this concrete vector ...
CVE-2024-22065 ZTE MF258 Pro product has a OS Command injection vulnerability
There is a command injection vulnerability in ZTE MF258 Pro product. Due to insufficient validation of Ping Diagnosis interface parameter, an authenticated attacker could use the vulnerability to execute arbitrary commands...
CVE-2024-22065 ZTE MF258 Pro product has a OS Command injection vulnerability
There is a command injection vulnerability in ZTE MF258 Pro product. Due to insufficient validation of Ping Diagnosis interface parameter, an authenticated attacker could use the vulnerability to execute arbitrary commands...
PT-2024-19179 · Zte · Zte Mf258 Pro
Name of the Vulnerable Software and Affected Versions: ZTE MF258 Pro affected versions not specified Description: The issue is related to a command injection vulnerability. It occurs due to insufficient validation of the Ping Diagnosis interface parameter, allowing an authenticated attacker to...
ZTE MF258 Pro 安全漏洞
ZTE MF258 Pro is a desktop router from ZTE Corporation ZTE, China. A security vulnerability exists in ZTE MF258 Pro version 1.0.0B03, which originates from insufficient validation of Ping diagnostic interface parameters, resulting in a command injection vulnerability...
CVE-2023-41781
There is a Cross-site scripting XSS vulnerability in ZTE MF258. Due to insufficient input validation of SMS interface parameter, an XSS attack will be triggered...
Cross site scripting
There is a Cross-site scripting XSS vulnerability in ZTE MF258. Due to insufficient input validation of SMS interface parameter, an XSS attack will be triggered...
CVE-2023-41781 XSS Vulnerability in ZTE MF258 Products
There is a Cross-site scripting XSS vulnerability in ZTE MF258. Due to insufficient input validation of SMS interface parameter, an XSS attack will be triggered...
CVE-2023-41781 XSS Vulnerability in ZTE MF258 Products
There is a Cross-site scripting XSS vulnerability in ZTE MF258. Due to insufficient input validation of SMS interface parameter, an XSS attack will be triggered...
CVE-2023-41781
ZTE MF258 is reported to have a Cross-site Scripting (XSS) vulnerability caused by insufficient input validation of the SMS interface parameter. The CVE-2023-41781 entry documents XSS on the affected device, with references indicating the issue stems from SMS parameter handling. Connected sources...
ZTE MF258 Cross-Site Scripting Vulnerability
The ZTE MF258 is a desktop router from ZTE Corporation ZTE, China. A cross-site scripting vulnerability exists in the ZTE MF258 version prior to ZTESTDV1.0.0B11, which stems from insufficient validation of SMS interface parameter inputs, resulting in a cross-site scripting attack...
PT-2024-12971 · Zte · Zte Mf258
Name of the Vulnerable Software and Affected Versions: ZTE MF258 affected versions not specified Description: There is a Cross-site scripting XSS issue due to insufficient input validation of the SMS interface parameter, which can trigger an XSS attack. Recommendations: At the moment, there is no...