The 7520V3V1.0.0B09P27 version, and all earlier versions of ZTE product ZX297520V3 are impacted by a Command Injection vulnerability. Unauthorized users can exploit this vulnerability to control the user terminal system.
http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1011643