CVE-2022-23144

Summary

There is a broken access control vulnerability in ZTE ZXvSTB product. Due to improper permission control, attackers could use this vulnerability to delete the default application type, which affects normal use of system.

Affected Software

VendorProductVersion RangeStatus
n/aZXvSTBAll versions up to ZXvSTB-CAMSV2.01.02.01affected

Weaknesses

  • access control vulnerability

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References