{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T13:14:03.391","vulnerabilities":[{"cve":{"id":"CVE-2019-3417","sourceIdentifier":"psirt@zte.com.cn","published":"2019-08-15T15:15:16.500","lastModified":"2024-11-21T04:42:03.537","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by command injection vulnerability. Due to insufficient parameter validation check, an authorized user can exploit this vulnerability to take control of user router system."},{"lang":"es","value":"Todas las versiones hasta V1.1.10P3T18 del producto ZTE ZXHN F670,  están afectadas por una vulnerabilidad de inyección de comandos. Debido a la verificación de comprobación de parámetros insuficiente, un usuario autorizado puede explotar esta vulnerabilidad para tomar el control del sistema enrutador de usuario."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV30":[{"source":"psirt@zte.com.cn","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.7,"impactScore":5.8}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:C/I:C/A:C","baseScore":9.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.0,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zte:zxhn_f670_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"1.1.10p3t18","matchCriteriaId":"47671FBF-DCDB-43E2-9BD3-E29B7BD22105"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zte:zxhn_f670:-:*:*:*:*:*:*:*","matchCriteriaId":"129661E2-4FD6-41D0-945E-97E43E05C6D1"}]}]}],"references":[{"url":"http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1010163","source":"psirt@zte.com.cn","tags":["Vendor Advisory"]},{"url":"http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1010163","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}