Zte: Security Vulnerabilities
Unauthenticated credential disclosure in the wizard interface in ZTE ZXHN H188A V6.0.10P2_TE and V6.0.10P3N3_TE allows unauthenticated attackers on the local network to retrieve sensitive credentials from the router's web management interface, including the default administrator password, WLAN PSK, and PPPoE credentials. In some observed cases, configuration changes may also be performed without authentication.
CVSS Score
7.1
EPSS Score
0.001
Published
2026-03-30
There is a configuration defect vulnerability in the version server of ZTE MF258K Pro products. Due to improper directory permission settings, an attacker can execute write permissions in a specific directory.
CVSS Score
4.3
EPSS Score
0.001
Published
2026-01-09
There is a code-related vulnerability in the GoldenDB database product. Attackers can access system tables to disrupt the normal operation of business SQL.
CVSS Score
7.7
EPSS Score
0.003
Published
2025-04-27
There are SQL injection vulnerabilities in multiple interfaces of the GoldenDB database product. Attackers can exploit these interfaces to inject commands and extract sensitive database information.
CVSS Score
6.5
EPSS Score
0.002
Published
2025-04-27
There is a DDE injection vulnerability in the GoldenDB database product. Attackers can inject DDE expressions through the interface, and when users download and open the affected file, the DDE commands can be executed.
CVSS Score
8.4
EPSS Score
0.002
Published
2025-04-27
There is an information disclosure vulnerability in the GoldenDB database product. Attackers can exploit error messages to obtain the system's sensitive information.
CVSS Score
4.9
EPSS Score
0.003
Published
2025-04-27
There is a Permission Management and Access Control vulnerability in the GoldenDB database product. Attackers can manipulate requests to bypass privilege restrictions and delete content.
CVSS Score
5.4
EPSS Score
0.002
Published
2025-04-27
There is a SQL injection vulnerability in the GoldenDB database product. Attackers can inject commands to extract database information.
CVSS Score
6.5
EPSS Score
0.002
Published
2025-04-27
There is an information disclosure vulnerability in the GoldenDB database product. Attackers can exploit error messages to obtain the system's sensitive information.
CVSS Score
4.1
EPSS Score
0.002
Published
2025-04-27
Improper Privilege Management vulnerability in ZTE GoldenDB allows Privilege Escalation.This issue affects GoldenDB: from 6.1.03 through 6.1.03.05.
CVSS Score
5.3
EPSS Score
0.003
Published
2025-03-11
Page 1