CVE-2026-40436 | ZTE ZXEDM iEMS ElasticNet_UME_R32_V16.25.42.04 User List Interface password recovery

Inserito da Angelo Barbosa | Apr 13, 2026 | CVE

A vulnerability classified as problematic has been found in ZTE ZXEDM iEMS ElasticNet_UME_R32_V16.25.42.04. This issue affects some unknown processing of the component User List Interface. This manipulation causes weak password recovery.

This vulnerability is tracked as CVE-2026-40436. The attack is possible to be carried out remotely. No exploit exists.

CVE-2026-40436 | ZTE ZXEDM iEMS ElasticNet_UME_R32_V16.25.42.04 User List Interface password recovery

Post correlati

CVE-2024-12500 | Philantro Plugin up to 5.2 on WordPress cross site scripting

CVE-2024-34453 | TwoNav 2.1.13 index.php url server-side request forgery

CVE-2025-26877 | Rustaurius Front End Users Plugin up to 3.2.30 on WordPress cross site scripting

CVE-2026-6108 | 1Panel-dev MaxKB up to 2.6.1 Model Context Protocol Node base_mcp_node.py execute os command injection