CVE-2021-21743
- EPSS 0.36%
- Published 20.10.2021 16:15:08
- Last modified 21.11.2024 05:48:55
ZTE MF971R product has a CRLF injection vulnerability. An attacker could exploit the vulnerability to modify the HTTP response header information through a specially crafted HTTP request.
CVE-2021-21744
- EPSS 0.24%
- Published 20.10.2021 16:15:08
- Last modified 21.11.2024 05:48:55
ZTE MF971R product has a configuration file control vulnerability. An attacker could use this vulnerability to modify the configuration parameters of the device, causing some security functions of the device to be disabled.
CVE-2021-21745
- EPSS 40.59%
- Published 20.10.2021 16:15:08
- Last modified 21.11.2024 05:48:55
ZTE MF971R product has a Referer authentication bypass vulnerability. Without CSRF verification, an attackercould use this vulnerability to perform illegal authorization operations by sending a request to the user to click.
CVE-2021-21748
- EPSS 1.3%
- Published 20.10.2021 16:15:08
- Last modified 21.11.2024 05:48:55
ZTE MF971R product has two stack-based buffer overflow vulnerabilities. An attacker could exploit the vulnerabilities to execute arbitrary code.
CVE-2021-21749
- EPSS 1.3%
- Published 20.10.2021 16:15:08
- Last modified 21.11.2024 05:48:56
ZTE MF971R product has two stack-based buffer overflow vulnerabilities. An attacker could exploit the vulnerabilities to execute arbitrary code.
CVE-2021-21746
- EPSS 0.53%
- Published 20.10.2021 15:15:07
- Last modified 21.11.2024 05:48:55
ZTE MF971R product has reflective XSS vulnerability. An attacker could use the vulnerability to obtain cookie information.
CVE-2021-21747
- EPSS 0.53%
- Published 20.10.2021 15:15:07
- Last modified 21.11.2024 05:48:55
ZTE MF971R product has reflective XSS vulnerability. An attacker could use the vulnerability to obtain cookie information.