Vulnerability Description
Some ZTE products have a DoS vulnerability. Due to the improper handling of memory release in some specific scenarios, a remote attacker can trigger the vulnerability by performing a series of operations, resulting in memory leak, which may eventually lead to device denial of service. This affects: ZXR10 9904, ZXR10 9908, ZXR10 9916, ZXR10 9904-S, ZXR10 9908-S; all versions up to V1.01.10.B12.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Zte | Zxr10 9904 Firmware | <= v1.01.10.b12 |
| Zte | Zxr10 9904 | - |
| Zte | Zxr10 9908 Firmware | <= v1.01.10.b12 |
| Zte | Zxr10 9908 | - |
| Zte | Zxr10 9916 Firmware | <= v1.01.10.b12 |
| Zte | Zxr10 9916 | - |
| Zte | Zxr10 9904-S Firmware | <= v1.01.10.b12 |
| Zte | Zxr10 9904-S | - |
| Zte | Zxr10 9908-S Firmware | <= v1.01.10.b12 |
| Zte | Zxr10 9908-S | - |
Related Weaknesses (CWE)
References
- http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1014424Vendor Advisory
- http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1014424Vendor Advisory
FAQ
What is CVE-2021-21723?
CVE-2021-21723 is a vulnerability with a CVSS score of 7.5 (HIGH). Some ZTE products have a DoS vulnerability. Due to the improper handling of memory release in some specific scenarios, a remote attacker can trigger the vulnerability by performing a series of operati...
How severe is CVE-2021-21723?
CVE-2021-21723 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-21723?
Check the references section above for vendor advisories and patch information. Affected products include: Zte Zxr10 9904 Firmware, Zte Zxr10 9904, Zte Zxr10 9908 Firmware, Zte Zxr10 9908, Zte Zxr10 9916 Firmware.