|
Update:Nov 5th, 2015
Vulnerability IDs:
CVE-2014-9019
CVE-2014-9020
CVE-2014-9021
CVE-2014-9027
CVE-2014-9183
CVE-2014-9184
CVSSv2 Score:
Base Score of CVE-2014-9019: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
Base Score of CVE-2014-9020: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
Base Score of CVE-2014-9021: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
Base Score of CVE-2014-9027: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
Base Score of CVE-2014-9183: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Base Score of CVE-2014-9184: 5.0 (AV:N/AC:L/Au:N/C:N/I:P/A:N)
Statement:
CVE-2014-9019, CVE-2014-9020, CVE-2014-9021, CVE-2014-9027, CVE-2014-9183, and CVE-2014-9184 were existed in ZTE home gateway 831II and 831CII among which 831II was end of service in January 2014 and replaced by 831II V3.0, 831CII was end of service in March 2015 and replaced by H108L V4.0 and H108N V2.5.
The two vulnerable products were finished upgrading in March 2015 and the vulnerabilities mentioned herein are all fixed. ZTE recommends you choose newer version of home gateway product for the purpose of better security.
References:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9019
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9020
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9021
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9027
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9183
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9184
Supporting team contacts:
1. ZTE GCSC hotline:
0755-26770800
800-830-1118
400-830-1118
2. Product forum at ZTE Support website.
Feedback Channel:
If you need to feedback or report security vulnerabilities related to ZTE’s products, or get ZTE’s product security incident response service and vulnerability information, please contact ZTE PSIRT: psirt@zte.com.cn, PGP key ID: FF095577。
|