CVE-2021-21725 Information

Description

A ZTE product has an information leak vulnerability. An attacker with higher authority can go beyond their authority to access files in other directories by performing specific operations resulting in information leak. This affects: ZXHN H196Q V9.1.0C2.

CVSS Vector

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Reference

http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1014624

Attack Complexity

LOW

Privileges Required

LOW

User Interaction Required

LOW

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

NONE

Base Score

NONE

Base Severity

5.7