CVE-2024-22067

high

Description

ZTE NH8091 product has an improper permission control vulnerability. Due to improper permission control of the Web module interface, an authenticated attacker may exploit the vulnerability to execute arbitrary commands.

References

https://support.zte.com.cn/zte-iccp-isupport-webui/bulletin/detail/6179526095692935173

Details

Source: Mitre, NVD

Published: 2024-11-18

Updated: 2025-03-13

Risk Information

CVSS v2

Base Score: 9

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H