First published: Tue Jun 11 2019(Updated: )
All versions up to V20.18.40.R7.B1of ZTE NetNumen DAP product have an XSS vulnerability. Due to the lack of correct validation of client data in WEB applications, which results in users being hijacked.
Credit: psirt@zte.com.cn
Affected Software | Affected Version | How to fix |
---|---|---|
Zte Netnumen Dap Firmware | <=20.18.40.r7.b1 | |
ZTE NetNumen DAP |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID of this ZTE NetNumen DAP XSS vulnerability is CVE-2019-3413.
All versions up to V20.18.40.R7.B1 of ZTE NetNumen DAP are affected by this vulnerability.
The severity of CVE-2019-3413 is medium with a CVSS score of 5.4.
This vulnerability occurs due to the lack of correct validation of client data in WEB applications.
To fix the CVE-2019-3413 vulnerability, it is recommended to update to a version higher than V20.18.40.R7.B1 that includes the necessary validation of client data.