CVE-2024-22063

Summary

The ZENIC ONE R58 products by ZTE Corporation have a command injection vulnerability. An authenticated attacker can exploit this vulnerability to tamper with messages, inject malicious code, and subsequently launch attacks on related devices.

Affected Software

VendorProductVersion RangeStatus
ZTEZENIC ONE R580 <= ZENIC ONE R58V16.24.20SP01affected

Weaknesses

  • CWE-1236: CWE-1236

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References