First published: Wed Dec 30 2015(Updated: )
ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE allow remote authenticated users to bypass intended access restrictions via a modified request, as demonstrated by leveraging the support account to change a password via a cgi-bin/webproc accountpsd action.
Credit: cret@cert.org
Affected Software | Affected Version | How to fix |
---|---|---|
Zte Zxhn H108n R1a Firmware | <=zte.bhs.zxhnh108nr1a.h_pe | |
ZTE ZXHN H108N R1A |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.