CVE-2023-25651 Information

Description

There is a SQL injection vulnerability in some ZTE mobile internet products. Due to insufficient input validation of SMS interface parameter an authenticated attacker could use the vulnerability to execute SQL injection and cause information leak.

Reference

https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1032684