|
Original release date: 2019.10.29 CVE ID CVE-2019-3421 CVSS 3.0 Base Score 6.3 Medium (AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) Description The 7520V3V1.0.0B09P27 version, and all earlier versions of ZTE product ZX297520V3 are impacted by a Command Injection vulnerability. Unauthorized users can exploit this vulnerability to control the user terminal system. Affected Products and Fixes Product Name | Affected Version | Resolved Version | ZX297520V3 | All versions up to 7520V3V1.0.0B09P27 | 7520V3V1.0.0B09P30 |
Credit Thanks to China National Vulnerability Database (CNVD) for reporting the security vulnerabilities to ZTE PSIRT. Update Records 29 October 2019, initial.
Supporting team contacts 1. ZTE GCSC hotline: 0755-26770800 800-830-1118 400-830-1118 2. Product forum at ZTE Support website. ZTE PSIRT If you need to feedback or report security vulnerabilities related to ZTE products, or get ZTE product security incident response service and vulnerability information, please contact ZTE PSIRT: psirt@zte.com.cn, PGP key ID: FF095577.
|