CVE-2024-22065 Information

Description

There is a command injection vulnerability in ZTE MF258 Pro product. Due to insufficient validation of Ping Diagnosis interface parameter an authenticated attacker could use the vulnerability to execute arbitrary commands.

Reference

https://support.zte.com.cn/zte-iccp-isupport-webui/bulletin/detail/1171513586716225572