Known Vulnerabilities for products from ZTE
Listed below are 20 of the newest known vulnerabilities associated with the vendor "ZTE".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Additional devices specifications by ZTE can be found at device.report : ZTE
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-34472 json | Unauthenticated credential disclosure in the wizard interface in ZTE ZXHN H188A V6.0.10P2_TE and V6.0.10P3N3_TE allows unauth... | Not Provided | 2026-03-30 | 2026-04-08 |
| CVE-2023-25651 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 8 - HIGH | 2023-12-14 | 2023-12-19 |
| CVE-2023-25650 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 6.5 - MEDIUM | 2023-12-14 | 2023-12-19 |
| CVE-2023-25649 json | There is a command injection vulnerability in a mobile internet product of ZTE. Due to insufficient validation of SET_DEVICE... | 8.8 - HIGH | 2023-08-25 | 2023-08-31 |
| CVE-2023-25648 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.8 - HIGH | 2023-12-14 | 2023-12-19 |
| CVE-2023-25647 json | There is a permission and access control vulnerability in some ZTE mobile phones. Due to improper access control, applicat... | 3.3 - LOW | 2023-08-17 | 2023-08-24 |
| CVE-2023-25645 json | There is a permission and access control vulnerability in some ZTE AndroidTV STBs. Due to improper permission settings, non-p... | 7.7 - HIGH | 2023-06-16 | 2023-06-26 |
| CVE-2023-25644 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2023-12-14 | 2023-12-18 |
| CVE-2023-25643 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 8.8 - HIGH | 2023-12-14 | 2023-12-18 |
| CVE-2023-25642 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 6.5 - MEDIUM | 2023-12-14 | 2023-12-18 |
| CVE-2022-45957 json | ZTE ZXHN-H108NS router with firmware version H108NSV1.0.7u_ZRD_GR2_A68 is vulnerable to remote stack buffer overflow. | 7.5 - HIGH | 2022-12-12 | 2022-12-15 |
| CVE-2022-39075 json | There is an unauthorized access vulnerability in some ZTE mobile phones. If a malicious application is installed on the phone... | 7.1 - HIGH | 2023-05-30 | 2023-06-07 |
| CVE-2022-39074 json | There is an unauthorized access vulnerability in some ZTE mobile phones. If a malicious application is installed on the phone... | 3.3 - LOW | 2023-05-30 | 2023-06-07 |
| CVE-2022-39073 json | There is a command injection vulnerability in ZTE MF286R, Due to insufficient validation of the input parameters, an attacker... | 9.8 - CRITICAL | 2023-01-06 | 2023-01-12 |
| CVE-2022-39072 json | There is a SQL injection vulnerability in Some ZTE Mobile Internet products. Due to insufficient validation of the input para... | 5.4 - MEDIUM | 2023-01-06 | 2023-08-08 |
| CVE-2022-39071 json | There is an unauthorized access vulnerability in some ZTE mobile phones. If a malicious application is installed on the phone... | 7.1 - HIGH | 2023-05-30 | 2023-06-07 |
| CVE-2022-39070 json | There is an access control vulnerability in some ZTE PON OLT products. Due to improper access control settings, remote attack... | 9.8 - CRITICAL | 2022-11-22 | 2022-11-28 |
| CVE-2022-39069 json | There is a SQL injection vulnerability in ZTE ZAIP-AIE. Due to lack of input verification by the server, an attacker could tr... | 5.3 - MEDIUM | 2022-11-08 | 2022-11-09 |
| CVE-2022-39067 json | There is a buffer overflow vulnerability in ZTE MF286R. Due to lack of input validation on parameters of the wifi interface, ... | 6.5 - MEDIUM | 2022-11-22 | 2022-11-30 |
| CVE-2022-39066 json | There is a SQL injection vulnerability in ZTE MF286R. Due to insufficient validation of the input parameters of the phonebook... | 8.8 - HIGH | 2022-11-22 | 2022-11-30 |
Known software with vulnerabilities from ZTE
| Type | Vendor | Product | Version |
|---|---|---|---|
| Hardware | Zte | E8820v3 | - |
| Operating System | Zte | E8820v3 Firmware | - |
| Hardware | Zte | F460 | - |
| Hardware | Zte | F660 | - |
| Hardware | Zte | F680 | - |
| Operating System | Zte | F680 Firmware | zxhn_f680v9.0.10p1n6 |
| Hardware | Zte | F6x2w | - |
| Operating System | Zte | F6x2w Firmware | 6.0.10p2t13 |
| Hardware | Zte | Mf910s | - |
| Operating System | Zte | Mf910s Firmware | - |
| Hardware | Zte | Mf920 | - |
| Operating System | Zte | Mf920 Firmware | bd_r218v2.4 |
| Hardware | Zte | Netnumen U31 R10 | - |
| Operating System | Zte | Netnumen U31 R10 Firmware | v12.14.30 |
| Application | Zte | Oscp | 16.19.10 |
| Hardware | Zte | R5300g4 | - |
| Operating System | Zte | R5300g4 Firmware | 03.08.0200 |
| Hardware | Zte | R5500g4 | - |
| Operating System | Zte | R5500g4 Firmware | 03.08.0200 |
| Hardware | Zte | R8500g4 | - |