Vulnerability CVE-2019-3415
Published: 2019-07-11

Description:
ZTE MW NR8000V2.4.4.03 and NR8000V2.4.4.04 are impacted by path traversal vulnerability. Due to path traversal,users can download any files.

CVSS2 => (AV:A/AC:L/Au:S/C:P/I:N/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
2.7/10
2.9/10
5.1/10
Exploit range
Attack complexity
Authentication
Adjacent network
Low
Single time
Confidentiality impact
Integrity impact
Availability impact
Partial
None
None
Affected software
ZTE -> Zxmw nr8000 firmware 

 References:
http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1011082
Copyright 2024, cxsecurity.com

 

Back to Top