CVE-2021-21722

A ZTE Smart STB is impacted by an information leak vulnerability. The device did not fully verify the log, so attackers could use this vulnerability to obtain sensitive user information for further information detection and attacks. This affects: ZXV10 B860A V2.1-T_V0032.1.1.04_jiangsuTelecom.
Severity
MEDIUM
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Atk. Vector
LOCAL
Atk. Complexity
LOW
Priv. Required
HIGH
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 35%
Common Weakness Enumeration
References
http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1014324
http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1014324