CVE-2023-25643 Information

Description

There is a command injection vulnerability in some ZTE mobile internet products. Due to insufficient input validation of multiple network parameters an authenticated attacker could use the vulnerability to execute arbitrary commands.

Reference

https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1032504