CVE-2021-21726

LOW Year: 2021
CVSS v3 Score
2.3
Low
CVSS v2 Score
2.1
Low
Weakness Type
CWE-20
View all →

Vulnerability Description

Some ZTE products have an input verification vulnerability in the diagnostic function interface. Due to insufficient verification of some parameters input by users, an attacker with high privileges can cause process exception by repeatedly inputting illegal parameters. This affects:<ZXONE 9700 , ZXONE 8700, ZXONE 19700><V1.40.021.021CP049, V1.0P02B219_@NCPM-RELEASE_2.40R1-20200914.set>

Related Vulnerabilities

CVE-2018-20893

LOW
CVSS:2.3(Low)

cPanel before 74.0.0 allows file-rename operations during account renames (SEC-442).

CWE-202018

CVE-2024-25571

MEDIUM
CVSS:2.3(Low)

Improper input validation in some Intel(R) SPS firmware before SPS_E5_06.01.04.059.0 may allow a privileged user to potentially enable denial of service via local access.

CWE-202024

CVE-2016-8647

LOW
CVSS:2.2(Low)

An input validation vulnerability was found in Ansible's mysql_user module before 2.2.1.0, which may fail to correctly change a password in certain circumstances. Thus the previous password would stil...

CWE-202016

CVE-2017-1000401

LOW
CVSS:2.2(Low)

The Jenkins 2.73.1 and earlier, 2.83 and earlier default form control for passwords and other secrets, <f:password/>, supports form validation (e.g. for API keys). The form validation AJAX requests we...

CWE-202017

CVE-2024-22117

LOW
CVSS:2.2(Low)

When a URL is added to the map element, it is recorded in the database with sequential IDs. Upon adding a new URL, the system retrieves the last sysmapelementurlid value and increments it by one. Howe...

CWE-202024

CVE-2017-18673

LOW
CVSS:2.4(Low)

An issue was discovered on Samsung mobile devices with N(7.x) software. An attacker can disable the Location service on a locked device, making it impossible for the rightful owner to find a stolen de...

CWE-202017