There is a buffer overflow vulnerability in ZTE MF296R. Due to insufficient validation of the SMS parameter length, an authenticated attacker could use the vulnerability to perform a denial of service attack.
"}],"value":"There is a buffer overflow vulnerability in ZTE MF296R. Due to insufficient validation of the SMS parameter length, an authenticated attacker could use the vulnerability to perform a denial of service attack."}],"impacts":[{"capecId":"CAPEC-10","descriptions":[{"lang":"en","value":"CAPEC-10 Buffer Overflow via Environment Variables"}]}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"ADJACENT_NETWORK","availabilityImpact":"HIGH","baseScore":4.5,"baseSeverity":"MEDIUM","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"HIGH","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","version":"3.1"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-122","description":"CWE-122 Heap-based Buffer Overflow","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"6786b568-6808-4982-b61f-398b0d9679eb","shortName":"zte","dateUpdated":"2024-09-18T01:57:54.052Z"},"references":[{"url":"https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1028984"}],"solutions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"