Vulnerabilities (CVE)

Filtered by vendor Zte Subscribe

Filtered by product Mf971r Firmware

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 4 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2021-21745	1 Zte	2 Mf971r, Mf971r Firmware	2021-10-25	4.3 MEDIUM	4.3 MEDIUM
ZTE MF971R product has a Referer authentication bypass vulnerability. Without CSRF verification, an attackercould use this vulnerability to perform illegal authorization operations by sending a request to the user to click.
CVE-2021-21743	1 Zte	2 Mf971r, Mf971r Firmware	2021-10-25	4.3 MEDIUM	4.3 MEDIUM
ZTE MF971R product has a CRLF injection vulnerability. An attacker could exploit the vulnerability to modify the HTTP response header information through a specially crafted HTTP request.
CVE-2021-21747	1 Zte	2 Mf971r, Mf971r Firmware	2021-10-25	4.3 MEDIUM	6.1 MEDIUM
ZTE MF971R product has reflective XSS vulnerability. An attacker could use the vulnerability to obtain cookie information.
CVE-2021-21746	1 Zte	2 Mf971r, Mf971r Firmware	2021-10-25	4.3 MEDIUM	6.1 MEDIUM
ZTE MF971R product has reflective XSS vulnerability. An attacker could use the vulnerability to obtain cookie information.