Primary

Context

ZTE MF258K Pro Directory Permission Vulnerability in Version Server

Vulnerability

Patched

A configuration defect vulnerability has been identified in the version server of ZTE MF258K Pro products. This vulnerability arises from improper directory permission settings, allowing an attacker to execute write permissions in a specific directory.

Impact

Exploitation of this vulnerability could lead to unauthorized write access in a designated directory, potentially allowing for the modification or addition of files.

Remediation

Users can upgrade to ZTE_MF258kPRO_PLAY_V1.0.0B05 or ZTE_MF258PRO_STD_V1.0.0B05. For the upgraded version, please contact the ZTE Global Customer Support Center.

Added: Jan 9, 2026, 3:18 AM

Updated: Jan 9, 2026, 3:18 AM

Vulnerability Rating

Custom Algorithm

spread

1.4

impact

0.6

exploitability

4.9

remediation

7.7

relevance

2.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.4

impact

0.6

exploitability

4.9

remediation

7.7

relevance

2.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

ZTE MF258K Pro Directory Permission Vulnerability in Version Server

Vulnerability

Impact

Remediation

Affected Products

ZTE MF258K PRO

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating