Mf971r Firmware@1v1.0.0b06 Security Vulnerabilities and Issues — Mf971r Firmware@1v1.0.0b06 CVE List

Lucene search

ZteMf971r Firmware1v1.0.0b06

7 matches found

CVE•added 2021/10/20 4:15 p.m.•65 views

CVE-2021-21745

ZTE MF971R product has a Referer authentication bypass vulnerability. Without CSRF verification, an attackercould use this vulnerability to perform illegal authorization operations by sending a request to the user to click.

4.3CVSS5.1AI score0.40585EPSS

CVE•added 2021/10/20 4:15 p.m.•50 views

CVE-2021-21749

ZTE MF971R product has two stack-based buffer overflow vulnerabilities. An attacker could exploit the vulnerabilities to execute arbitrary code.

9.8CVSS10AI score0.01297EPSS

CVE•added 2021/10/20 4:15 p.m.•45 views

CVE-2021-21743

ZTE MF971R product has a CRLF injection vulnerability. An attacker could exploit the vulnerability to modify the HTTP response header information through a specially crafted HTTP request.

4.3CVSS4.9AI score0.00362EPSS

CVE•added 2021/10/20 3:15 p.m.•43 views

CVE-2021-21747

ZTE MF971R product has reflective XSS vulnerability. An attacker could use the vulnerability to obtain cookie information.

6.1CVSS6.1AI score0.00526EPSS

CVE•added 2021/10/20 4:15 p.m.•41 views

CVE-2021-21748

ZTE MF971R product has two stack-based buffer overflow vulnerabilities. An attacker could exploit the vulnerabilities to execute arbitrary code.

9.8CVSS10AI score0.01297EPSS

CVE•added 2021/10/20 4:15 p.m.•40 views

CVE-2021-21744

ZTE MF971R product has a configuration file control vulnerability. An attacker could use this vulnerability to modify the configuration parameters of the device, causing some security functions of the device to be disabled.

7.5CVSS7.5AI score0.00241EPSS

CVE•added 2021/10/20 3:15 p.m.•33 views

CVE-2021-21746

ZTE MF971R product has reflective XSS vulnerability. An attacker could use the vulnerability to obtain cookie information.

6.1CVSS6.1AI score0.00526EPSS