CVE-2022-23141
First published: Fri Jul 15 2022(Updated: )
ZXMP M721 has an information leak vulnerability. Since the serial port authentication on the ZBOOT interface is not effective although it is enabled, an attacker could use this vulnerability to log in to the device to obtain sensitive information.
Credit: psirt@zte.com.cn
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Zte Zxmp M721 Firmware | =commond21bootv100004_ls1045 | |
| Zte Zxmp M721 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2022-23141?
CVE-2022-23141 is an information leak vulnerability in ZXMP M721.
What is the severity of CVE-2022-23141?
The severity of CVE-2022-23141 is high, with a CVSS score of 7.5.
How does CVE-2022-23141 affect Zte Zxmp M721 firmware?
CVE-2022-23141 affects Zte Zxmp M721 firmware version commond21bootv100004_ls1045.
How can an attacker exploit CVE-2022-23141?
An attacker can exploit CVE-2022-23141 by logging in to the device through the ineffective serial port authentication on the ZBOOT interface.
Is Zte Zxmp M721 vulnerable to CVE-2022-23141?
Yes, Zte Zxmp M721 is vulnerable to CVE-2022-23141.
- collector/nvd-index
- agent/softwarecombine
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/tags
- agent/description
- vendor/zte
- canonical/zte zxmp m721 firmware
- version/zte zxmp m721 firmware/commond21bootv100004_ls1045
- canonical/zte zxmp m721