CVE-2017-10935

Summary

All versions prior to ZSRV2 V3.00.40 of the ZTE ZXR10 1800-2S products allow remote authenticated users to bypass the original password authentication protection to change other user's password.

Affected Software

VendorProductVersion RangeStatus
ZTEZXR10 1800-2SAll versions prior to ZSRV2 V3.00.40affected

Weaknesses

  • Weak Password Recovery Mechanism

ADP Enrichment

CVE Program Container

Additional References

References