Code Injection Vulnerability in ZTE ZXCDN IAMWEB Product (Version V6.01.03.01) Allows for Information Leakage

CVE-2019-3427 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

The version V6.01.03.01 of ZTE ZXCDN IAMWEB product is impacted by a code injection vulnerability. An attacker could exploit the vulnerability to inject malicious code into the management page, resulting in users’ information leakage.

Learn more about our Web App Pen Testing.