CVE-2023-25643

There is a command injection vulnerability in some ZTE mobile internet products. Due to insufficient input validation of multiple network parameters, an authenticated attacker could use the vulnerability to execute arbitrary commands. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt