Executive Summary

Informations
NameCVE-2018-7364First vendor Publication2018-12-07
VendorCveLast vendor Modification2019-01-04

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score10Attack RangeNetwork
Cvss Impact Score10Attack ComplexityLow
Cvss Expoit Score10AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

All versions up to ZXINOS-RESV1.01.43 of the ZTE ZXIN10 product European region are impacted by improper access control vulnerability. Due to improper access control to devcomm process, an unauthorized remote attacker can exploit this vulnerability to execute arbitrary code with root privileges.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7364

CWE : Common Weakness Enumeration

%idName
100 %CWE-284Access Control (Authorization) Issues

CPE : Common Platform Enumeration

TypeDescriptionCount
Application1

Sources (Detail)

SourceUrl
CONFIRM http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1009943

Alert History

If you want to see full details history, please login or register.
0
1
2
DateInformations
2019-01-04 17:19:59
  • Multiple Updates
2018-12-19 21:19:52
  • Multiple Updates
2018-12-07 17:19:15
  • First insertion