{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-30T15:16:23.505","vulnerabilities":[{"cve":{"id":"CVE-2017-10931","sourceIdentifier":"psirt@zte.com.cn","published":"2017-09-19T14:29:00.273","lastModified":"2025-04-20T01:37:25.860","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The ZXR10 1800-2S before v3.00.40 incorrectly restricts the download of the file directory range for WEB users, resulting in the ability to download any files and cause information leaks such as system configuration."},{"lang":"es","value":"ZXR10 1800-2S en versiones anteriores a la 3.00.40 restringe incorrectamente las descarga del rango del directorio de archivos para los usuarios WEB. Esto provoca que se pueda descargar cualquier archivo y provocar filtraciones de informaciĆ³n como la configuraciĆ³n del sistema."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zte:zxr10_1800-2s_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.00.40","matchCriteriaId":"720817E2-2A6C-458D-A755-734D3950ACB3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zte:zxr10_1800-2s:-:*:*:*:*:*:*:*","matchCriteriaId":"CA2AC22D-CC1C-4F6E-AFA1-EEC6C2A294DC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zte:zxr10_2800-4_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.00.40","matchCriteriaId":"1953F140-3D24-4496-B5EB-9E79A2B00DA9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zte:zxr10_2800-4:-:*:*:*:*:*:*:*","matchCriteriaId":"C5A4FC3A-3137-4B81-85D4-48AC72CF1019"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zte:zxr10_3800-8_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.00.40","matchCriteriaId":"9C47EA3A-F5B6-4536-A35E-86426A6324C4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zte:zxr10_3800-8:-:*:*:*:*:*:*:*","matchCriteriaId":"6346FA61-050D-4E0A-906C-D2E62D9AA3A1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zte:zxr10_160_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.00.40","matchCriteriaId":"57325750-FFA0-4F1B-A2BA-CC1573509445"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zte:zxr10_160:-:*:*:*:*:*:*:*","matchCriteriaId":"6389B69E-A7E2-4BF3-A628-4F5C0ED6EF86"}]}]}],"references":[{"url":"http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1008262","source":"psirt@zte.com.cn","tags":["Permissions Required"]},{"url":"http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1008262","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Permissions Required"]}]}}]}