Every CVE whose affected-product data names Zte Mf971r Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2021-21748 — CVSS 9.8 (critical): ZTE MF971R product has two stack-based buffer overflow vulnerabilities. An attacker could exploit the vulnerabilities to execute arbitrary…
CVE-2021-21749 — CVSS 9.8 (critical): ZTE MF971R product has two stack-based buffer overflow vulnerabilities. An attacker could exploit the vulnerabilities to execute arbitrary…
CVE-2021-21744 — CVSS 7.5 (high): ZTE MF971R product has a configuration file control vulnerability. An attacker could use this vulnerability to modify the configuration…
CVE-2021-21746 — CVSS 6.1 (medium): ZTE MF971R product has reflective XSS vulnerability. An attacker could use the vulnerability to obtain cookie information.
CVE-2021-21747 — CVSS 6.1 (medium): ZTE MF971R product has reflective XSS vulnerability. An attacker could use the vulnerability to obtain cookie information.
CVE-2021-21743 — CVSS 4.3 (medium): ZTE MF971R product has a CRLF injection vulnerability. An attacker could exploit the vulnerability to modify the HTTP response header…
CVE-2021-21745 — CVSS 4.3 (medium): ZTE MF971R product has a Referer authentication bypass vulnerability. Without CSRF verification, an attackercould use this vulnerability to…