CVE-2023-25643 - CERT CVE

  1. CVE-2023-25643

ID CVE-2023-25643
Sažetak There is a command injection vulnerability in some ZTE mobile internet products. Due to insufficient input validation of multiple network parameters, an authenticated attacker could use the vulnerability to execute arbitrary commands.
Reference
CVSS
Base: 8.8
Impact: 5.9
Exploitability:2.8
Pristup
VektorSloženostAutentikacija
NETWORK LOW LOW
Impact
PovjerljivostCjelovitostDostupnost
HIGH HIGH HIGH
CVSS vektor CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Zadnje važnije ažuriranje 18-12-2023 - 20:09
Objavljeno 14-12-2023 - 08:15