← back
CVE-2025-26709

Unauthorized Access Vulnerability in ZTE F50

CVSS 5.7 MEDIUMEPSS 0.2%CWE-200
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 5.7EPSS 0.2%KEV nãoPoC Patch
Lifecycle
15 Aug 2025Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
There is an unauthorized access vulnerability in ZTE F50. Due to improper permission control of the Web module interface, an unauthorized attacker can obtain sensitive information through the interface
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Affected products
ZTE · F50

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://support.zte.com.cn/zte-iccp-isupport-webui/bulletin/detail/1288700446535356789