There is a buffer overflow vulnerability in ZTE MF296R. Due to insufficient validation of the SMS parameter length, an authenticated attacker could use the vulnerability to perform a denial of service attack.
References
Link | Resource |
---|---|
https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1028984 | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
29 Sep 2024, 00:41
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-787 | |
References | () https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1028984 - Vendor Advisory | |
First Time |
Zte mf296r Firmware
Zte mf296r Zte |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
CPE | cpe:2.3:o:zte:mf296r_firmware:mf296r_nordic1_b06:*:*:*:*:*:*:* cpe:2.3:h:zte:mf296r:-:*:*:*:*:*:*:* |
20 Sep 2024, 12:30
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
18 Sep 2024, 02:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-09-18 02:15
Updated : 2024-09-29 00:41
NVD link : CVE-2022-39068
Mitre link : CVE-2022-39068
CVE.ORG link : CVE-2022-39068
JSON object : View
Products Affected
zte
- mf296r_firmware
- mf296r