ZTE ZXHN H168N product with versions V2.2.0_PK1.2T5, V2.2.0_PK1.2T2, V2.2.0_PK11T7 and V2.2.0_PK11T have an improper change control vulnerability, which may allow an unauthorized user to perform unauthorized operations.
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Zxhn_h168n_firmware | Zte | 2.2.0_pk1.2t2 (including) | 2.2.0_pk1.2t2 (including) |
Zxhn_h168n_firmware | Zte | 2.2.0_pk1.2t5 (including) | 2.2.0_pk1.2t5 (including) |
Zxhn_h168n_firmware | Zte | 2.2.0_pk11t (including) | 2.2.0_pk11t (including) |
Zxhn_h168n_firmware | Zte | 2.2.0_pk11t7 (including) | 2.2.0_pk11t7 (including) |