CVE-2025-66315

Medium CVSS: 4.3

There is a configuration defect vulnerability in the version server of ZTE MF258K Pro products. Due to improper directory permission settings, an attacker can execute write permissions in a specific directory.

Vendor

Zte

Product

Mf258k Pro Firmware

CWE

CWE-269

Yayın Tarihi

2026-01-09 03:15:47

Güncelleme

2026-03-12 19:26:10

Source Identifier

psirt@zte.com.cn

KEV Date Added

Kategoriler

CWE-269 Mf258k Pro Firmware MEDIUM Zte 2026

Referanslar

https://support.zte.com.cn/zte-iccp-isupport-webui/bulletin/detail/4891644183717871638

Benzer Kayıtlar

High

CVE-2025-46580

There is a code-related vulnerability in the GoldenDB database product. Attackers can access system tables to disrupt th…

Medium

CVE-2025-46578

There are SQL injection vulnerabilities in multiple interfaces of the GoldenDB database product. Attackers can exploit t…

High

CVE-2025-46579

There is a DDE injection vulnerability in the GoldenDB database product. Attackers can inject DDE expressions through th…

Medium

CVE-2025-46575

There is an information disclosure vulnerability in the GoldenDB database product. Attackers can exploit error messages…

Medium

CVE-2025-46576

There is a Permission Management and Access Control vulnerability in the GoldenDB database product. Attackers can manipu…

Medium

CVE-2025-46577

There is a SQL injection vulnerability in the GoldenDB database product. Attackers can inject commands to extract databa…