Vulnerability Details : CVE-2022-39070
There is an access control vulnerability in some ZTE PON OLT products. Due to improper access control settings, remote attackers could use the vulnerability to log in to the device and execute any operation.
Products affected by CVE-2022-39070
- cpe:2.3:o:zte:zxa10_c300m_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:zte:zxa10_c350m_firmware:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2022-39070
0.41%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 74 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2022-39070
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
9.8
|
CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
NIST |
References for CVE-2022-39070
-
https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1027824
Security Bulletin DetailsVendor Advisory
Jump to