ByteOS Network

NVD Vulnerability Details :

CVE-2025-2397

Received

Source-cna@vuldb.com

Published At-17 Mar, 2025 | 21:15

Updated At-18 Mar, 2025 | 15:16

A vulnerability was found in China Mobile P22g-CIac, ZXWT-MIG-P4G4V, ZXWT-MIG-P8G8V, GT3200-4G4P and GT3200-8G8P up to 20250305. It has been declared as problematic. This vulnerability affects unknown code of the component Telnet Service. The manipulation leads to improper authorization. The attack can only be initiated within the local network. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Secondary	4.0	4.8	MEDIUM	CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Secondary	3.1	2.4	LOW	CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
Secondary	2.0	2.2	LOW	AV:A/AC:L/Au:M/C:N/I:P/A:N

Weaknesses

CWE ID	Type	Source
CWE-266	Secondary	cna@vuldb.com
CWE-285	Secondary	cna@vuldb.com

References

Hyperlink	Source	Resource
https://github.com/Fizz-L/Vulnerability-report/blob/main/Unauthorized%20access%20to%20execute%20the%20telnet%20command.md	cna@vuldb.com	N/A
https://vuldb.com/?ctiid.299896	cna@vuldb.com	N/A
https://vuldb.com/?id.299896	cna@vuldb.com	N/A
https://vuldb.com/?submit.514957	cna@vuldb.com	N/A
https://github.com/Fizz-L/Vulnerability-report/blob/main/Unauthorized%20access%20to%20execute%20the%20telnet%20command.md	134c704f-9b21-4f2e-91b3-4a467353bcc0	N/A

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History