πŸ” CVE Alert

CVE-2026-44408

MEDIUM 6.3

Unauthorized access vulnerability in ZTE MU5250

CVSS Score
6.3
EPSS Score
0.0%
EPSS Percentile
0th

There is an unauthorized access vulnerability in ZTE MU5250. Due to improper permission control of the Web interface, an unauthorized attacker canΒ  modify configuration through the interface.

CWE CWE-200
Vendor zte
Product mu5250
Published May 19, 2026
Last Updated May 19, 2026
Stay Ahead of the Next One

Get instant alerts for zte mu5250

Be the first to know when new medium vulnerabilities affecting zte mu5250 are published β€” delivered to Slack, Telegram or Discord.

Get Free Alerts β†’ Free Β· No credit card Β· 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
Low
Availability
High

Affected Versions

ZTE / MU5250
BD_FLYMODEMMU5250V1.0.0B27

References

NVD β†— CVE.org β†— EPSS Data β†—
support.zte.com.cn: https://support.zte.com.cn/zte-iccp-isupport-webui/bulletin/detail/2657904255874650158

Credits

Duc Anh Nguyen from NTCS&TinyxLab