CVE-2023-25642

Summary

There is a buffer overflow vulnerability in some ZTE mobile internet producsts. Due to insufficient validation of tcp port parameter, an authenticated attacker could use the vulnerability to perform a denial of service attack. 

Affected Software

VendorProductVersion RangeStatus
ZTEMC801AMC801A_Elisa3_B19 <= B19affected
ZTEMC801A1MC801A1_Elisa1_B04 <= B04affected

Weaknesses

  • CWE-120: CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

ADP Enrichment

CVE Program Container

Additional References

References