Zte: Security Vulnerabilities
Cross-site request forgery (CSRF) vulnerability in accessaccount.cgi in ZTE ZXDSL 831IIV7.5.0a_Z29_OV allows remote attackers to hijack the authentication of administrators for requests that change the administrator password via the sysPassword parameter.
CVSS Score
6.8
EPSS Score
0.011
Published
2012-08-31
The ZTE sync_agent program for Android 2.3.4 on the Score M device uses a hardcoded ztex1609523 password to control access to commands, which allows remote attackers to gain privileges via a crafted application.
CVSS Score
10.0
EPSS Score
0.036
Published
2012-05-29
Page 19