Synopsis
The remote NewStart CGSL host is affected by multiple vulnerabilities.
Description
The remote NewStart CGSL host, running version MAIN 6.06 (SP), has python3 packages installed that are affected by multiple vulnerabilities:
- Python 3.x through 3.10 has an open redirection vulnerability in lib/http/server.py because there is no protection against multiple slashes (/) at the beginning of the URI path, which may lead to information disclosure. NOTE: this is disputed by a third party because the http.server.html documentation page states "Warning: http.server is not recommended for production. It only implements basic security checks." (CVE-2021-28861)
- A flaw was found in Python. In algorithms with quadratic time complexity using non-binary bases, when using int(text), a system could take 50ms to parse an int string with 100,000 digits and 5s for 1,000,000 digits (float, decimal, int.from_bytes(), and int() for binary bases 2, 4, 8, 16, and 32 are not affected). The highest threat from this vulnerability is to system availability. (CVE-2020-10735)
- An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA (RFC 3490) decoder, such that a crafted, unreasonably long name being presented to the decoder could lead to a CPU denial of service. Hostnames are often supplied by remote servers that could be controlled by a malicious actor; in such a scenario, they could trigger excessive CPU consumption on the client attempting to make use of an attacker-supplied supposed hostname. For example, the attack payload could be placed in the Location header of an HTTP response with status code 302. A fix is planned in 3.11.1, 3.10.9, 3.9.16, 3.8.16, and 3.7.16. (CVE-2022-45061)
- A use-after-free exists in Python through 3.9 via heappushpop in heapq. (CVE-2022-48560)
- read_ints in plistlib.py in Python through 3.9.1 is vulnerable to a potential DoS attack via CPU and RAM exhaustion when processing malformed Apple Property List files in binary format. (CVE-2022-48564)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Upgrade the vulnerable CGSL python3 packages. Note that updated packages may not be available yet. Please contact ZTE for more information.
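An interim application-side guard for the int(text) issue (CVE-2020-10735) while updated packages are unavailable, given as an added example that is not part of the plugin text or any vendor fix: it bounds input length before int() runs and exempts the bases the description lists as unaffected. The function names, the exception class and the 4300-digit limit are assumptions chosen for illustration; `sys.get_int_max_str_digits` is consulted only when the interpreter provides it.

```python
import sys

# Bases the description lists as unaffected by the quadratic conversion.
LINEAR_BASES = {2, 4, 8, 16, 32}

# Assumed application limit (illustrative value, tune per application).
DEFAULT_MAX_DIGITS = 4300


class IntTooLong(ValueError):
    """Raised when a digit string exceeds the configured length limit."""


def effective_limit(app_limit=DEFAULT_MAX_DIGITS):
    """Return the stricter of the app limit and the interpreter limit, if any."""
    getter = getattr(sys, "get_int_max_str_digits", None)
    interp = getter() if getter else 0  # 0 or missing: no interpreter limit
    return min(app_limit, interp) if interp else app_limit


def parse_untrusted_int(text, base=10, max_digits=None):
    """int() wrapper that rejects oversized input before any conversion work."""
    if not isinstance(text, str):
        raise TypeError("expected str")
    limit = effective_limit() if max_digits is None else max_digits
    # len() is O(1) and runs before int() touches the digits. Sign,
    # whitespace and underscores only reduce the digit count, so
    # len(text) is a safe upper bound on the number of digits.
    if base not in LINEAR_BASES and len(text) > limit:
        raise IntTooLong(f"{len(text)} chars exceeds limit of {limit}")
    return int(text, base)


if __name__ == "__main__":
    # Constructed inputs: a normal value, then an oversized decimal string.
    print(parse_untrusted_int(" -1_000 "))
    try:
        parse_untrusted_int("9" * 100_000)
    except IntTooLong as exc:
        print("rejected:", exc)
```

The guard only covers call sites routed through it; parsers that call int() internally on remote input still need the package upgrade.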
Plugin Details
File Name: newstart_cgsl_NS-SA-2026-0032_python3.nasl
Supported Sensors: Nessus
Risk Information
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N
Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C
Vulnerability Information
CPE: p-cpe:/a:zte:cgsl_main:python3-debugsource, cpe:/o:zte:cgsl_main:6, p-cpe:/a:zte:cgsl_main:platform-python-debug, p-cpe:/a:zte:cgsl_main:python3-tkinter, p-cpe:/a:zte:cgsl_main:platform-python, p-cpe:/a:zte:cgsl_main:python3-idle, p-cpe:/a:zte:cgsl_main:platform-python-devel, p-cpe:/a:zte:cgsl_main:python3-devel, p-cpe:/a:zte:cgsl_main:python3-debuginfo, p-cpe:/a:zte:cgsl_main:python3-libs, p-cpe:/a:zte:cgsl_main:python3-test
Required KB Items: Host/local_checks_enabled, Host/ZTE-CGSL/release, Host/ZTE-CGSL/rpm-list, Host/cpu
Exploit Ease: Exploits are available
Patch Publication Date: 3/4/2026
Vulnerability Publication Date: 7/31/2020