Statement on Spring Framework remote command execution Vulnerability

Original release date:  April 08, 2022


Security Notice


Vulnerability about spring's remote command execution(CVE-2022-22965)has been disclosed recently,and also identified in some reports as Spring4Shell.


ZTE immediately started impact analysis, and preliminarily determined that ZTE products were not affected by this vulnerability based on the information disclosed.

The related work continues with the disclosure of the vulnerability information. The customer can contact ZTE's global customer support team for detailed information. ZTE PSIRT will update the progress in time. Please keep following this notice.



Update Records

April 08, 2022, initial release.


Global Customer Support Center