CVE-2021-21726
Summary
| CVE | CVE-2021-21726 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2021-03-12 19:15:00 UTC |
| Updated | 2021-03-19 14:48:00 UTC |
| Description | Some ZTE products have an input verification vulnerability in the diagnostic function interface. Due to insufficient verification of some parameters input by users, an attacker with high privileges can cause process exception by repeatedly inputting illegal parameters. This affects:<ZXONE 9700 , ZXONE 8700, ZXONE 19700><V1.40.021.021CP049, V1.0P02B219_@NCPM-RELEASE_2.40R1-20200914.set> |
Risk And Classification
Problem Types: CWE-20
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Zte | Zxone 19700 | - | All | All | All |
| Operating System | Zte | Zxone 19700 Firmware | 1.0p02b219_\@ncpm-release_2.40r1-20200914.set | All | All | All |
| Hardware | Zte | Zxone 8700 | - | All | All | All |
| Operating System | Zte | Zxone 8700 Firmware | 1.40.021.021cp049 | All | All | All |
| Hardware | Zte | Zxone 9700 | - | All | All | All |
| Operating System | Zte | Zxone 9700 Firmware | 1.40.021.021cp049 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Security Bulletin Details | MISC | support.zte.com.cn | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.