CVE-2019-3420

EUVD-2019-13059
All versions up to V2.5.0_EG1T5_TED of ZTE ZXHN H108N product are impacted by an information leak vulnerability. An attacker could exploit the vulnerability to obtain sensitive information and perform unauthorized operations.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.5 MEDIUM
ADJACENT_NETWORK
LOW
NONE
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 25%
Affected Products (NVD)
VendorProductVersion
ztezxhn_h108n_firmware
𝑥
≤ 2.5.0_eg1t5_ted
𝑥
= Vulnerable software versions
References
http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1011802
http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1011802