CVE-2021-21751

high

Description

ZTE BigVideo analysis product has an input verification vulnerability. Due to the inconsistency between the front and back verifications when configuring the large screen page, an attacker with high privileges could exploit this vulnerability to tamper with the URL and cause service exception.

References

https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1021884

Details

Source: Mitre, NVD

Published: 2021-12-27

Updated: 2023-08-08

Risk Information

CVSS v2

Base Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 8.1

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Severity: High

Detections

Analytics