CVE-2025-26708 There — Exploit & Vulnerability Details MEDIUM

CVE-2025-26708

MEDIUM CVSS 3.1: 4.2 EPSS 0.02%

Parameter	Value
CVSS	4.2 (MEDIUM)
Type	CWE-327 (Weak Crypto Algorithm)
Vendor	There
Public PoC	No

There is a configuration defect vulnerability in ZTELink 5.4.9 for iOS. This vulnerability is caused by a flaw in the WiFi parameter configuration of the ZTELink. An attacker can obtain unauthorized access to the WiFi service.

Attack Parameters

Attack Vector

Local

Requires local access

Attack Complexity

Low

Easy to exploit

Privileges Required

High

Admin privileges needed

User Interaction

Required

User action required

Impact Assessment

Confidentiality

High

Complete data leak

Integrity

None

No data modification

Availability

None

No disruption

CVSS Vector v3.1

Weakness Type (CWE)

CWE-327 Weak Crypto Algorithm

References 1

https://support.zte.com.cn/zte-iccp-isupport-webui/bulletin/detail/566615256922…

psirt@zte.com.cn

Share Post Share Share Share

Related Vulnerabilities

CVE-2026-0124

There

10.0

CVE-2026-1446

There

5.0

CVE-2023-28120

There

5.3

CVE-2023-27531

There

5.3

Menu

CVE-2025-26708

Attack Parameters

Impact Assessment

CVSS Vector v3.1

Weakness Type (CWE)

References 1

Related Vulnerabilities

CVE-2026-0124

CVE-2026-1446

CVE-2023-28120

CVE-2023-27531

CVE Details

Editor's Choice

Menu

CVE-2025-26708

Attack Parameters

Impact Assessment

CVSS Vector v3.1

Weakness Type (CWE)

References 1

Related Vulnerabilities

CVE-2026-0124

CVE-2026-1446

CVE-2023-28120

CVE-2023-27531

CVE Details

Editor's Choice

Stay informed on cybersecurity