CVE-2025-26709 | THREATINT

Description

There is an unauthorized access vulnerability in ZTE F50. Due to improper permission control of the Web module interface, an unauthorized attacker can obtain sensitive information through the interface

PUBLISHED Reserved 2025-02-14 | Published 2025-08-15 | Updated 2025-08-15 | Assigner zte

MEDIUM: 5.7CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Problem types

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

Product status

Default status

unaffected

F50_FLYMODEM_ZYV1.0.0B07

affected

References

support.zte.com.cn/...ui/bulletin/detail/1288700446535356789

cve.org (CVE-2025-26709)

nvd.nist.gov (CVE-2025-26709)

Download JSON