CVE-2019-3411

Summary

All versions up to BD_R218V2.4 of ZTE MF920 product are impacted by information leak vulnerability. Due to some interfaces can obtain the WebUI login password without login, an attacker can exploit the vulnerability to obtain sensitive information about the affected components.

Affected Software

VendorProductVersion RangeStatus
ZTEZTE MF920unspecified <= All versions up to BD_R218V2.4affected

Weaknesses

  • Command Injection

ADP Enrichment

CVE Program Container

Additional References

References