CVE-2023-25644

Summary

There is a denial of service vulnerability in some ZTE mobile internet products. Due to insufficient validation of Web interface parameter, an attacker could use the vulnerability to perform a denial of service attack.

Affected Software

VendorProductVersion RangeStatus
ZTEMC801AMC801A_Elisa3_B19 <= B19affected
ZTEMC801A1MC801A1_Elisa1_B04 <= B04affected

Weaknesses

  • CWE-755: CWE-755 Improper Handling of Exceptional Conditions

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References