{"vulnerability": "CVE-2021-2172", "sightings": [{"uuid": "3ed4b79d-dd73-4ee4-888f-0755cc8f9038", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21726", "type": "seen", "source": "https://t.me/cibsecurity/24866", "content": "\u203c CVE-2021-21726 \u203c\n\nSome ZTE products have an input verification vulnerability in the diagnostic function interface. Due to insufficient verification of some parameters input by users, an attacker with high privileges can cause process exception by repeatedly inputting illegal parameters. This affects:\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-03-12T22:57:29.000000Z"}, {"uuid": "82931bcf-3090-4808-8c89-61f2a190a890", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21722", "type": "seen", "source": "https://t.me/cibsecurity/22162", "content": "\u203c CVE-2021-21722 \u203c\n\nA ZTE Smart STB is impacted by an information leak vulnerability. The device did not fully verify the log, so attackers could use this vulnerability to obtain sensitive user information for further information detection and attacks. This affects: ZXV10 B860A V2.1-T_V0032.1.1.04_jiangsuTelecom.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-01-14T18:49:41.000000Z"}, {"uuid": "c25dd714-ca58-447f-93ec-e111d6890286", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21725", "type": "seen", "source": "https://t.me/cibsecurity/24535", "content": "\u203c CVE-2021-21725 \u203c\n\nA ZTE product has an information leak vulnerability. An attacker with higher authority can go beyond their authority to access files in other directories by performing specific operations, resulting in information leak. This affects: ZXHN H196Q V9.1.0C2.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-03-05T20:47:45.000000Z"}, {"uuid": "26f18e6a-6f6a-4316-bc8b-69132606bfb2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21724", "type": "seen", "source": "https://t.me/cibsecurity/24198", "content": "\u203c CVE-2021-21724 \u203c\n\nA ZTE product has a memory leak vulnerability. Due to the product's improper handling of memory release in certain scenarios, a local attacker with device permissions repeatedly attenuated the optical signal to cause memory leak and abnormal service. This affects: ZXR10 8900E, all versions up to V3.03.20R2B30P1.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-26T07:38:31.000000Z"}]}