DoS Vulnerability in ZXEN CG200

Original release date:  July 18, 2022

 

CVE ID

CVE-2022-23142

 

CVSS 3.1 Base Score 

Medium 6.5/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

 

Description 

ZXEN CG200 has a DoS vulnerability. An attacker could construct and send a large number of HTTP GET requests in a short time, which can make the product management websites not accessible.

 

 

Affected Products and Fixes

Product Name

Affected Version

Resolved Version

ZXEN CG200

All versions up to V1.0.0P1N5_M

V1.0.0P1N6_M

 

 

Source

The vulnerability was found by ZTE's internal test.

 

Update Records

July 18, 2022, initial.

 

 Version Update Method

Please contact ZTE Global Customer Support Center to obtain the upgraded version.

 

Global Customer Support Center

http://support.zte.com.cn/support/web/Contact.aspx?_langType=en

 

ZTE PSIRT

https://www.zte.com.cn/global/cybersecurity/ztepsirt.html