ZTE ZXvSTB Product: Broken Access Control Vulnerability Allows Deletion of Default Application Type
CVE-2022-23144 · CRITICAL Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
There is a broken access control vulnerability in ZTE ZXvSTB product. Due to improper permission control, attackers could use this vulnerability to delete the default application type, which affects normal use of system.
Learn more about our Web Application Penetration Testing UK.