Security Advisory

CVE-2023-25649

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-08-25 09:37:36

Last updated 2024-10-02 15:09:39

Assigner zte

State PUBLISHED

Description

There is a command injection vulnerability in a mobile internet product of ZTE. Due to insufficient validation of SET_DEVICE_LED interface parameter, an authenticated attacker could use the vulnerability to execute arbitrary commands.

← Browse all CVEs View on cve.org ↗