CVE-2026-44408
Deferred
Deferred - Pending Action
Unauthorized Configuration Modification in ZTE MU5250
Publication date: 2026-05-19
Last updated on: 2026-05-19
Assigner: ZTE Corporation
Description
Description
There is an unauthorized access vulnerability in ZTE MU5250. Due to improper permission control of the Web interface, an unauthorized attacker canΒ modify configuration through the interface.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| zte | mu5250 | * |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-200 | The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the ZTE MU5250 device due to improper permission control on its Web interface. It allows an unauthorized attacker to access the interface and modify the device's configuration without proper authorization.
How can this vulnerability impact me? :
The vulnerability can lead to unauthorized modification of the device's configuration, which may disrupt normal operations or cause denial of service. Although it does not directly compromise confidentiality, it impacts the integrity and availability of the system.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70