// For flags

CVE-2021-21723

 

Severity Score

7.5
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Some ZTE products have a DoS vulnerability. Due to the improper handling of memory release in some specific scenarios, a remote attacker can trigger the vulnerability by performing a series of operations, resulting in memory leak, which may eventually lead to device denial of service. This affects: ZXR10 9904, ZXR10 9908, ZXR10 9916, ZXR10 9904-S, ZXR10 9908-S; all versions up to V1.01.10.B12.

Algunos productos ZTE presentan una vulnerabilidad de DoS. Debido al manejo inapropiado de la liberación de la memoria en algunos escenarios específicos, un atacante remoto puede desencadenar la vulnerabilidad al llevar a cabo una serie de operaciones, resultando en una pérdida de memoria, que eventualmente puede conllevar a una denegación de servicio del dispositivo. Esto afecta a: ZXR10 9904, ZXR10 9908, ZXR10 9916, ZXR10 9904-S, ZXR10 9908-S; todas las versiones hasta V1.01.10.B12

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
None
Integrity
None
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2021-01-04 CVE Reserved
  • 2021-01-21 CVE Published
  • 2023-10-07 EPSS Updated
  • 2024-08-03 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-401: Missing Release of Memory after Effective Lifetime
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Zte
Search vendor "Zte"
Zxr10 9904 Firmware
Search vendor "Zte" for product "Zxr10 9904 Firmware"
<= v1.01.10.b12
Search vendor "Zte" for product "Zxr10 9904 Firmware" and version " <= v1.01.10.b12"
-
Affected
in Zte
Search vendor "Zte"
Zxr10 9904
Search vendor "Zte" for product "Zxr10 9904"
--
Safe
Zte
Search vendor "Zte"
Zxr10 9908 Firmware
Search vendor "Zte" for product "Zxr10 9908 Firmware"
<= v1.01.10.b12
Search vendor "Zte" for product "Zxr10 9908 Firmware" and version " <= v1.01.10.b12"
-
Affected
in Zte
Search vendor "Zte"
Zxr10 9908
Search vendor "Zte" for product "Zxr10 9908"
--
Safe
Zte
Search vendor "Zte"
Zxr10 9916 Firmware
Search vendor "Zte" for product "Zxr10 9916 Firmware"
<= v1.01.10.b12
Search vendor "Zte" for product "Zxr10 9916 Firmware" and version " <= v1.01.10.b12"
-
Affected
in Zte
Search vendor "Zte"
Zxr10 9916
Search vendor "Zte" for product "Zxr10 9916"
--
Safe
Zte
Search vendor "Zte"
Zxr10 9904-s Firmware
Search vendor "Zte" for product "Zxr10 9904-s Firmware"
<= v1.01.10.b12
Search vendor "Zte" for product "Zxr10 9904-s Firmware" and version " <= v1.01.10.b12"
-
Affected
in Zte
Search vendor "Zte"
Zxr10 9904-s
Search vendor "Zte" for product "Zxr10 9904-s"
--
Safe
Zte
Search vendor "Zte"
Zxr10 9908-s Firmware
Search vendor "Zte" for product "Zxr10 9908-s Firmware"
<= v1.01.10.b12
Search vendor "Zte" for product "Zxr10 9908-s Firmware" and version " <= v1.01.10.b12"
-
Affected
in Zte
Search vendor "Zte"
Zxr10 9908-s
Search vendor "Zte" for product "Zxr10 9908-s"
--
Safe