14 matches found
EUVD-2019-13048
Malware in sbrugna...
EUVD-2019-13049
Malware in sbrugna...
ZTE WF820+ LTE Outdoor CPE Cross-Site Request Forgery Vulnerability
The ZTE WF820+ LTE Outdoor CPE is an outdoor CPE Customer Premise Equipment device from ZTE China. A cross-site request forgery vulnerability exists in the ZTE WF820+ LTE Outdoor CPE UKBBWF820+1.0.0B06 prior version, which originates from a WEB application that does not adequately verify that the...
ZTE WF820+ LTE Outdoor CPE Command Injection Vulnerability
The ZTE WF820+ LTE Outdoor CPE is an outdoor CPE Customer Premise Equipment device from ZTE China. A command injection vulnerability exists in the ZTE WF820+ LTE Outdoor CPE UKBBWF820+1.0.0B06 prior version, which originates from a network system or product not properly filtering specific element...
Command injection
All versions up to UKBBWF820+1.0.0B06 of ZTE WF820+ LTE Outdoor CPE product are impacted by command injection vulnerability. Due to inadequate parameter verification, unauthorized users can take advantage of this vulnerability to control the user terminal system...
CVE-2019-3409
All versions up to UKBBWF820+1.0.0B06 of ZTE WF820+ LTE Outdoor CPE product are impacted by command injection vulnerability. Due to inadequate parameter verification, unauthorized users can take advantage of this vulnerability to control the user terminal system...
CVE-2019-3410
All versions up to UKBBWF820+1.0.0B06 of ZTE WF820+ LTE Outdoor CPE product are impacted by Cross-Site Request Forgery vulnerability,which stems from the fact that WEB applications do not adequately verify whether requests come from trusted users. An attacker can exploit this vulnerability to sen...
CVE-2019-3409
All versions up to UKBBWF820+1.0.0B06 of ZTE WF820+ LTE Outdoor CPE product are impacted by command injection vulnerability. Due to inadequate parameter verification, unauthorized users can take advantage of this vulnerability to control the user terminal system...
Cross site request forgery (csrf)
All versions up to UKBBWF820+1.0.0B06 of ZTE WF820+ LTE Outdoor CPE product are impacted by Cross-Site Request Forgery vulnerability,which stems from the fact that WEB applications do not adequately verify whether requests come from trusted users. An attacker can exploit this vulnerability to sen...
CVE-2019-3410
All versions up to UKBBWF820+1.0.0B06 of ZTE WF820+ LTE Outdoor CPE product are impacted by Cross-Site Request Forgery vulnerability,which stems from the fact that WEB applications do not adequately verify whether requests come from trusted users. An attacker can exploit this vulnerability to sen...
CVE-2019-3410
All versions up to UKBBWF820+1.0.0B06 of ZTE WF820+ LTE Outdoor CPE product are impacted by Cross-Site Request Forgery vulnerability,which stems from the fact that WEB applications do not adequately verify whether requests come from trusted users. An attacker can exploit this vulnerability to sen...
CVE-2019-3410
Summary: CVE-2019-3410 affects the ZTE WF820+ LTE Outdoor CPE family, up to version UKBB_WF820+_1.0.0B06. The issue is Cross-Site Request Forgery, arising from web applications not adequately verifying the source of requests from trusted users, enabling an attacker to cause unintended server acti...
CVE-2019-3409
All versions up to UKBBWF820+1.0.0B06 of ZTE WF820+ LTE Outdoor CPE product are impacted by command injection vulnerability. Due to inadequate parameter verification, unauthorized users can take advantage of this vulnerability to control the user terminal system...
CVE-2019-3409
The CVE describes a command injection in ZTE WF820+ LTE Outdoor CPE, affecting UKBB_WF820+_1.0.0B06 and earlier. The root cause is inadequate input/data filtering when constructing executable commands, allowing an attacker to control the user terminal system. Several connected sources (NVD, CNVD,...