CVE-2023-25644

Published: Dic 14, 2023 Last Modified: Nov 21, 2024 EU-VD ID: EUVD-2023-29583 Aliases: GSD-2023-25644
ExploitDB:
Other exploit source:
Google Dorks:
MEDIUM 6,5
Source: [email protected]
Attack Vector: adjacent_network
Attack Complexity: low
Privileges Required: none
User Interaction: none
Scope: unchanged
Confidentiality: none
Integrity: none
Availability: high

Description

AI Translation Available


There is a denial of service vulnerability in some ZTE mobile internet products. Due to insufficient validation of Web interface parameter, an attacker could use the vulnerability to perform a denial of service attack.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score
0,0031
Percentile
0,5th
Updated

EPSS Score Trend (Last 90 Days)

755

Improper Handling of Exceptional Conditions

Incomplete
Abstraction: Class Structure: Simple
Common Consequences
Security Scopes Affected:
Other
Potential Impacts:
Other
Applicable Platforms
All platforms may be affected
Likelihood of Exploit: Medium
View CWE Details
Operating System

Mc801A Firmware by Zte

Product Information
Vendor Zte
Product Mc801A Firmware
Version mc801a_elisa3_b19
cpe:2.3:o:zte:mc801a_firmware:mc801a_elisa3_b19:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Mc801A1 Firmware by Zte

Product Information
Vendor Zte
Product Mc801A1 Firmware
Version mc801a1_elisa1_b04
cpe:2.3:o:zte:mc801a1_firmware:mc801a1_elisa1_b04:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
https://support.zte.com.cn/support/news/LoopholeInfoDetail.…
Vendor Advisory
https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1032624
https://support.zte.com.cn/support/news/LoopholeInfoDetail.…
Vendor Advisory
https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1032624