cvedb.io
CVE-2022-23135
MEDIUM · CVSS 6.5
EPSS exploitation probability: 0%
Published 2022-02-24T19:15:10.183 · Last modified 2026-06-17T04:29:34.807

Summary

There is a directory traversal vulnerability in some home gateway products of ZTE. Due to the lack of verification of user modified destination path, an attacker with specific permissions could modify the FTP access path to access and modify the system path contents without authorization, which will cause information leak and affect device operation.

Affected products

zte — zxhn_f677_firmware

Does this affect you?

Add your gear to cvedb and we'll alert you only when zte ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.