CVE-2018-7358

CVE-2018-7358 affects ZTE ZXHN H168N devices (versions V2.2.0_PK1.2T5, V2.2.0_PK1.2T2, V2.2.0_PK11T7, V2.2.0_PK11T) and is described as an improper change control vulnerability that may allow an unauthenticated attacker to perform unauthorized operations. Connected references document an access-c...

CVE-2015-8703

ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.kPE and ZXV10 W300 devices W300V1.0.0fER1PE allow remote authenticated users to bypass intended access restrictions, and discover credentials and keys, by reading the configuration file, a different vulnerability than CVE-2015-7248...

CVE-2015-7248

ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.kPE allow remote attackers to discover usernames and password hashes by reading the cgi-bin/webproc HTML source code, a different vulnerability than CVE-2015-8703...

CVE-2015-7249

The provided connected sources document multiple CVEs (CVE-2015-7248 through CVE-2015-7252) affecting ZTE ZXHN H108N R1A (and related ZXV10 W300 variants). Affected components include the webproc CGI module and related pages, enabling: information exposure (credentials/config data in web sources ...