CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

45 matches found

CNVD•added 2025/10/17 12:0 a.m.•6 views

ZTE ZXCDN Struts Remote Code Execution Vulnerability

ZTE ZXCDN is a unified network management platform from China's ZTE Corporation ZTE. ZTE ZXCDN suffers from a Struts remote code execution vulnerability, which can be exploited by an attacker to remotely execute commands with non-root privileges...

9.8CVSS6.5AI score0.00343EPSS

Exploits0

RedhatCVE•added 2025/10/15 1:45 p.m.•2 views

CVE-2025-46581

ZTE's ZXCDN product is affected by a Struts remote code execution RCE vulnerability. An unauthenticated attacker can remotely execute commands with non-root privileges...

9.8CVSS8.5AI score0.00343EPSS

Exploits0References1

NVD•added 2025/10/14 9:15 a.m.•2 views

CVE-2025-46581

ZTE's ZXCDN product is affected by a Struts remote code execution RCE vulnerability. An unauthenticated attacker can remotely execute commands with non-root privileges...

9.8CVSS0.00343EPSS

Exploits0References1

Cvelist•added 2025/10/14 8:54 a.m.•4 views

CVE-2025-46581 ZTE ZXCDN product has a Struts RCE Vulnerability

ZTE's ZXCDN product is affected by a Struts remote code execution RCE vulnerability. An unauthenticated attacker can remotely execute commands with non-root privileges...

9.8CVSS0.00343EPSS

Exploits0References1

Vulnrichment•added 2025/10/14 8:54 a.m.•3 views

CVE-2025-46581 ZTE ZXCDN product has a Struts RCE Vulnerability

ZTE's ZXCDN product is affected by a Struts remote code execution RCE vulnerability. An unauthenticated attacker can remotely execute commands with non-root privileges...

9.8CVSS8.2AI score0.00343EPSS

Exploits0References1

CVE•added 2025/10/14 8:54 a.m.•3 views

CVE-2025-46581

CVE-2025-46581 affects ZTE ZXCDN, with an Apache Struts remote code execution vulnerability. An unauthenticated attacker can remotely execute commands with non-root privileges. Several connected sources corroborate a Struts-based RCE affecting ZXCDN, but none provide concrete product version(s) o...

9.8CVSS8.2AI score0.00343EPSS

Exploits0References1

CNNVD•added 2025/10/14 12:0 a.m.•2 views

ZTE ZXCDN 安全漏洞

ZTE ZXCDN is a unified network management platform from ZTE Corporation ZTE, China. A security vulnerability exists in ZTE ZXCDN, which originates from an Apache Struts remote code execution vulnerability that could lead to remote command execution with non-root privileges...

9.8CVSS8AI score0.00343EPSS

Exploits0References1

Positive Technologies•added 2025/10/14 12:0 a.m.•2 views

PT-2025-41861

Name of the Vulnerable Software and Affected Versions ZTE ZXCDN product affected versions not specified Description The ZTE ZXCDN product is susceptible to a remote code execution RCE issue stemming from a flaw in the Struts framework. An attacker who does not need to be authenticated can execute...

9.8CVSS7.7AI score0.00343EPSS

Exploits0References5

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2019-13067

Malware in sbrugna...

6.5CVSS6.6AI score0.0031EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2017-2574

Malware in sbrugna...

7.5CVSS7.6AI score0.0029EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2021-8905

Malicious code in bioql PyPI...

4.9CVSS5.3AI score0.00296EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2022-28228

Malicious code in bioql PyPI...

6.1CVSS6.4AI score0.00317EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 9:30 p.m.•3 views

CVE-2021-21733

The management system of ZXCDN is impacted by the information leak vulnerability. Attackers can make further analysis according to the information returned by the program, and then obtain some sensitive information. This affects ZXCDN V7.01 all versions up to IAMV7.01.01.02...

4.9CVSS6.5AI score0.00296EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 10:33 a.m.•6 views

CVE-2019-3428

The version V6.01.03.01 of ZTE ZXCDN IAMWEB product is impacted by a configuration error vulnerability. An attacker could directly access the management portal in HTTP, resulting in users’ information leakage...

6.5CVSS6.7AI score0.0031EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 10:33 a.m.•5 views

CVE-2019-3427

The version V6.01.03.01 of ZTE ZXCDN IAMWEB product is impacted by a code injection vulnerability. An attacker could exploit the vulnerability to inject malicious code into the management page, resulting in users’ information leakage...

7.2CVSS7AI score0.00473EPSS

Exploits0References1

CNVD•added 2022/05/13 12:0 a.m.•92 views

ZTE ZXCDN Cross-Site Scripting Vulnerability

A cross-site scripting vulnerability exists in ZTE ZXCDN, a unified network management platform from ZTE Corporation China. The vulnerability stems from the program's lack of data validation filtering of user-supplied data and output. An attacker can exploit the vulnerability to execute JavaScrip...

6.1CVSS1.6AI score0.00317EPSS

Exploits0References1

NVD•added 2022/05/11 4:15 p.m.•11 views

CVE-2022-23137

ZTE's ZXCDN product has a reflective XSS vulnerability. The attacker could modify the parameters in the content clearing request url, and when a user clicks the url, an XSS attack will be triggered...

6.1CVSS0.00317EPSS

Exploits0References1