CVE-2021-21736
First published: Thu Jun 10 2021(Updated: )
A smart camera product of ZTE is impacted by a permission and access control vulnerability. Due to the defect of user permission management by the cloud-end app, users whose sharing permissions have been revoked can still control the camera, such as restarting the camera, restoring factory settings, etc.. This affects ZXHN HS562 V1.0.0.0B2.0000, V1.0.0.0B3.0000E
Credit: psirt@zte.com.cn
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Zte Zxhn Hs562 Firmware | =1.0.0.0b2.0000 | |
| Zte Zxhn Hs562 Firmware | =1.0.0.0b3.0000 | |
| Zte Zxhn Hs562 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID of this ZTE smart camera vulnerability?
The vulnerability ID of this ZTE smart camera vulnerability is CVE-2021-21736.
What is the severity rating of CVE-2021-21736?
The severity rating of CVE-2021-21736 is 7.2, which is considered high.
Which software versions are affected by CVE-2021-21736?
The Zte Zxhn Hs562 Firmware versions 1.0.0.0b2.0000 and 1.0.0.0b3.0000 are affected by CVE-2021-21736.
What is the impact of CVE-2021-21736?
The impact of CVE-2021-21736 is that users whose sharing permissions have been revoked can still control the camera, such as restarting the camera and restoring factory settings.
Is Zte Zxhn Hs562 device itself vulnerable to CVE-2021-21736?
No, the Zte Zxhn Hs562 device is not vulnerable to CVE-2021-21736.
- collector/nvd-index
- agent/weakness
- agent/severity
- agent/references
- agent/author
- agent/tags
- agent/type
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/zte
- canonical/zte zxhn hs562 firmware
- version/zte zxhn hs562 firmware/1.0.0.0b2.0000
- version/zte zxhn hs562 firmware/1.0.0.0b3.0000
- canonical/zte zxhn hs562