There is a SQL injection vulnerability in some ZTE mobile internet products. Due to insufficient input validation of SMS interface parameter, an authenticated attacker could use the vulnerability to execute SQL injection and cause information leak.
CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:LZte Mf286r
HWZtewszystkie wersjeZte Mf286r Firmware
OSZtecr_lvwrgbmf286rv1.0.0b04Zte Mf833u1
HWZtewszystkie wersjeZte Mf833u1 Firmware
OSZtebd_mf833u1v1.0.0b01
Related vulnerabilities
There is a command injection vulnerability in ZTE MF286R, Due to insufficient validation of the input paramete...
There is a SQL injection vulnerability in ZTE MF286R. Due to insufficient validation of the input parameters o...
There is a command injection vulnerability in a mobile internet product of ZTE. Due to insufficient validatio...
There is a SQL injection vulnerability in Some ZTE Mobile Internet products. Due to insufficient validation of...
There is a buffer overflow vulnerability in ZTE MF286R. Due to lack of input validation on parameters of the w...