CVE-2024-22069
CVSS 3.1 Score 8.8 of 10 (high)
Details
Published Aug 8, 2024
Updated: Aug 20, 2024
CWE ID 269
Summary
CVE-2024-22069 is a newly discovered vulnerability affecting ZTE's ZXV10 XT802/ET301 products. This issue involves a permission and access control flaw that allows attackers with standard permissions to illegally access and change the administrator password through the terminal web interface. Interception of password change requests enables unauthorized individuals to gain administrative control of the affected device. Organizations using these ZTE products are advised to implement immediate security measures to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share