MEDIUM🇵🇱 Wersja polska

CVE-2021-21728

CVSS 5.3v3.1pub. 2021-04-09upd. 2024-11-21

A ZTE product has a configuration error vulnerability. Because a certain port is open by default, an attacker can consume system processing resources by flushing a large number of packets to the port, and successfully exploiting this vulnerability could reduce system processing capabilities. This affects: ZXA10 C300M all versions up to V4.3P8.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
  • Zte Zxa10 C300m

    HW
    Zte
    wszystkie wersje
  • Zte Zxa10 C300m Firmware

    OS
    Zte
    < 4.5
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2022-39070CRITICAL9.8ten sam produkt

There is an access control vulnerability in some ZTE PON OLT products. Due to improper access control settings...

CVE-2024-10119CRITICAL9.8PL ✓ten sam vendor

Command injection w routerze SECOM WRTM326 — zdalne wykonanie poleceń

CVE-2022-39073CRITICAL9.8ten sam vendor

There is a command injection vulnerability in ZTE MF286R, Due to insufficient validation of the input paramete...

CVE-2022-23144CRITICAL9.1ten sam vendor

There is a broken access control vulnerability in ZTE ZXvSTB product. Due to improper permission control, atta...

CVE-2021-21748CRITICAL9.8ten sam vendor

ZTE MF971R product has two stack-based buffer overflow vulnerabilities. An attacker could exploit the vulnerab...