CVE-2024-22064
HIGHDescription
ZTE ZXUN-ePDG product, which serves as the network node of the VoWifi system, under by default configuration, uses a set of non-unique cryptographic keys during establishing a secure connection(IKE) with the mobile devices connecting over the internet . If the set of keys are leaked or cracked, the user session informations using the keys may be leaked.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| zte | zxun-epdg |
References
Frequently Asked Questions
What is CVE-2024-22064? +
How severe is CVE-2024-22064? +
What products are affected by CVE-2024-22064? +
How do I check if I'm vulnerable to CVE-2024-22064? +
Related Vulnerabilities
The wireless router WRTM326 from SECOM does not properly validate a specific parameter. An unauthenticated remote attacker could execute arbitrary …
There is a DDE injection vulnerability in the GoldenDB database product. Attackers can inject DDE expressions through the interface, and …
There is a code-related vulnerability in the GoldenDB database product. Attackers can access system tables to disrupt the normal operation …
The ZENIC ONE R58 products by ZTE Corporation have a command injection vulnerability. An authenticated attacker can exploit this vulnerability …
There is a privilege escalation vulnerability in ZTE ZXR10 ZSR V2 intelligent multi service router . An authenticated attacker could …
There is an unauthorized access vulnerability in ZTE H388X. If H388X is caused by brute-force serial port cracking,attackers with common …