Unauthorized Access Vulnerability in ZTE F50_CVE-2025-26709

5.7 / 10

MEDIUM

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Description

There is an unauthorized access vulnerability in ZTE F50. Due to improper permission control of the Web module interface, an unauthorized attacker can obtain sensitive information through the interface

Basic Information

ID CVE-2025-26709

Source zte

Published Aug 15, 2025 at 10:35

Affected Product

Vendor ZTE

Product F50

Version F50_FLYMODEM_ZYV1.0.0B07

Affected Versions ZTE F50 F50_FLYMODEM_ZYV1.0.0B07

CWE Classification

CWE-200

References

support.zte.com.cn /zte-iccp-isupport-webui/bulletin/detail/1288700446535356789

{
    "lastseen": "",
    "description": "There is an unauthorized access vulnerability in ZTE F50. Due to improper permission control of the Web module interface, an unauthorized attacker can obtain sensitive information through the interface",
    "published": "2025-08-15T10:35:22.604Z",
    "modified": "2025-08-15T10:35:22.604Z",
    "type": "cve",
    "title": "Unauthorized Access Vulnerability in ZTE F50",
    "source": "zte",
    "references": "https://support.zte.com.cn/zte-iccp-isupport-webui/bulletin/detail/1288700446535356789",
    "id": "CVE-2025-26709",
    "bulletinFamily": "",
    "cwe": [
        "CWE-200"
    ],
    "cvelist": null,
    "sourceData": "ZTE F50 F50_FLYMODEM_ZYV1.0.0B07",
    "sourceHref": "",
    "cvss": {
        "score": 5.7,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "F50",
    "version": "F50_FLYMODEM_ZYV1.0.0B07",
    "vendor": "ZTE",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}