CVE-2025-26709
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-08-15
Last updated on: 2025-08-15
Assigner: ZTE Corporation
Description
Description
There is an unauthorized access vulnerability in ZTE F50. Due to improper permission control of the Web module interface, an unauthorized attacker can obtain sensitive information through the interface
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| zte | f50 | * |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-200 | The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an unauthorized access issue in the ZTE F50 device. It occurs because the Web module interface does not properly control permissions, allowing an unauthorized attacker to access sensitive information through this interface.
How can this vulnerability impact me? :
The vulnerability can lead to unauthorized disclosure of sensitive information, which may compromise confidentiality. Although it does not affect integrity or availability, the exposure of sensitive data can have serious consequences depending on the nature of the information accessed.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70