Unauthorized access vulnerability in ZTE MU5250_CVE-2026-44408

6.3 / 10

MEDIUM

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H

Description

There is an unauthorized access vulnerability in ZTE MU5250. Due to improper permission control of the Web interface, an unauthorized attacker can modify configuration through the interface.

Basic Information

ID CVE-2026-44408

Source zte

Published May 19, 2026 at 07:45

Affected Product

Vendor ZTE

Product MU5250

Version BD_FLYMODEMMU5250V1.0.0B27

Affected Versions ZTE MU5250 BD_FLYMODEMMU5250V1.0.0B27

CWE Classification

CWE-200

References

support.zte.com.cn /zte-iccp-isupport-webui/bulletin/detail/2657904255874650158

{
    "lastseen": "",
    "description": "There is an unauthorized access vulnerability in ZTE MU5250. Due to improper permission control of the Web interface, an unauthorized attacker can\u00a0 modify configuration through the interface.",
    "published": "2026-05-19T07:45:05.146Z",
    "modified": "2026-05-19T07:45:05.146Z",
    "type": "cve",
    "title": "Unauthorized access vulnerability in ZTE MU5250",
    "source": "zte",
    "references": "https://support.zte.com.cn/zte-iccp-isupport-webui/bulletin/detail/2657904255874650158",
    "id": "CVE-2026-44408",
    "bulletinFamily": "",
    "cwe": [
        "CWE-200"
    ],
    "cvelist": null,
    "sourceData": "ZTE MU5250 BD_FLYMODEMMU5250V1.0.0B27",
    "sourceHref": "",
    "cvss": {
        "score": 6.3,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "MU5250",
    "version": "BD_FLYMODEMMU5250V1.0.0B27",
    "vendor": "ZTE",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}