Zxv10 W300 Firmware@1.0.0a zrd lk Security Vulnerabilities and Issues — Zxv10 W300 Firmware@1.0.0a zrd lk CVE List

Lucene search

ZteZxv10 W300 Firmware1.0.0a zrd lk

3 matches found

cve•added 2014/07/16 2:19 p.m.•47 views

CVE-2014-4018

The ZTE ZXV10 W300 router with firmware W300V1.0.0a_ZRD_LK has a default password of admin for the admin account, which makes it easier for remote attackers to obtain access via unspecified vectors.

7.8CVSS7.4AI score0.06627EPSS

cve•added 2014/06/19 2:55 p.m.•41 views

CVE-2014-4155

Cross-site request forgery (CSRF) vulnerability in the ZTE ZXV10 W300 router with firmware W300V1.0.0a_ZRD_LK allows remote attackers to hijack the authentication of administrators for requests that change the admin password via a request to Forms/tools_admin_1.

6.8CVSS7.7AI score0.002EPSS

cve•added 2014/07/16 2:19 p.m.•37 views

CVE-2014-4154

ZTE ZXV10 W300 router with firmware W300V1.0.0a_ZRD_LK stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain the PPPoE/PPPoA password via a direct request for basic/tc2wanfun.js.

5CVSS7.3AI score0.10263EPSS