CVE-2019-3427: Code Injection
First published: Fri Nov 22 2019(Updated: )
The version V6.01.03.01 of ZTE ZXCDN IAMWEB product is impacted by a code injection vulnerability. An attacker could exploit the vulnerability to inject malicious code into the management page, resulting in users’ information leakage.
Credit: psirt@zte.com.cn
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Zte Zxcdn Iamweb Firmware | =6.01.03.01 | |
| ZTE ZXCDN IAMWEB |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2019-3427?
The severity of CVE-2019-3427 is rated as high with a score of 7.2.
How can I mitigate CVE-2019-3427 vulnerability?
To mitigate CVE-2019-3427, apply the patch provided by the vendor or update to a non-vulnerable version of the ZTE ZXCDN IAMWEB product.
What software version is affected by CVE-2019-3427?
The version V6.01.03.01 of ZTE ZXCDN IAMWEB Firmware is affected by CVE-2019-3427.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/references
- agent/author
- agent/weakness
- agent/last-modified-date
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- vendor/zte
- canonical/zte zxcdn iamweb firmware
- version/zte zxcdn iamweb firmware/6.01.03.01
- canonical/zte zxcdn iamweb