CVE-2024-22067

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Nov 18, 2024

Updated: Nov 20, 2024

Summary

CVE-2024-22067 is a vulnerability affecting the ZTE NH8091 product. This issue stems from inadequate permission control within the Web module interface. An authenticated attacker canTake advantage of this flaw to execute arbitrary commands, posing a significant security risk. Improper access control is a common vulnerability, and this issue underscores the importance of implementing robust permission schemes to safeguard systems from unauthorized actions. Organizations using the ZTE NH8091 device should apply the necessary patches or updates as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

ZTE Corporation

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/uCEOW8
https://www.cve.org/CVERecord?id=CVE-2024-22067
https://nvd.nist.gov/vuln/detail/CVE-2024-22067

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Threats to the 2025 NATO Summit

Artificial Eyes: Generative AI in China’s Military Intelligence

GrayAlpha Uses Diverse Infection Vectors to Deploy PowerNet Loader and NetSupport RAT

Know What Matters

For Customers

For Partners

CVE-2024-22067

CVSS 3.1 Score 8.8 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations