Vulnerability Description
The ZTE ZXV10 W300 router with firmware W300V1.0.0a_ZRD_LK has a default password of admin for the admin account, which makes it easier for remote attackers to obtain access via unspecified vectors.
CVSS Score
7.8
HIGH
AV:N/AC:L/Au:N/C:N/I:C/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Zte | Zxv10 W300 Firmware | 1.0.0a_zrd_lk |
| Zte | Zxv10 W300 | - |
Related Weaknesses (CWE)
References
- http://packetstormsecurity.com/files/127129/ZTE-WXV10-W300-Disclosure-CSRF-DefauExploit
- http://www.exploit-db.com/exploits/33803Exploit
- https://osandamalith.wordpress.com/2014/06/15/zte-wxv10-w300-multiple-vulnerabilExploit
- http://packetstormsecurity.com/files/127129/ZTE-WXV10-W300-Disclosure-CSRF-DefauExploit
- http://www.exploit-db.com/exploits/33803Exploit
- https://osandamalith.wordpress.com/2014/06/15/zte-wxv10-w300-multiple-vulnerabilExploit
FAQ
What is CVE-2014-4018?
CVE-2014-4018 is a vulnerability with a CVSS score of 7.8 (HIGH). The ZTE ZXV10 W300 router with firmware W300V1.0.0a_ZRD_LK has a default password of admin for the admin account, which makes it easier for remote attackers to obtain access via unspecified vectors.
How severe is CVE-2014-4018?
CVE-2014-4018 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-4018?
Check the references section above for vendor advisories and patch information. Affected products include: Zte Zxv10 W300 Firmware, Zte Zxv10 W300.