CVE-2023-25651
SQL Injection Vulnerability in Some ZTE Mobile Internet Products
There is a SQL injection vulnerability in some ZTE mobile internet products. Due to insufficient input validation of SMS interface parameter, an authenticated attacker could use the vulnerability to execute SQL injection and cause information leak.
CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
Affected products
ZTE · Mobile Internet ProductsWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →