CVE-2026-44408 ZTE CVE debrief

Who should care

Organizations deploying ZTE MU5250 mobile broadband devices for remote connectivity, telecommunications providers managing CPE fleets, and security teams responsible for IoT/telecom device hardening should prioritize this vulnerability for assessment and remediation.

Technical summary

The ZTE MU5250 Web interface fails to enforce proper authorization checks, permitting authenticated attackers with low privileges to modify device configuration settings. The attack requires adjacent network access (AV:A) with low attack complexity. While the vulnerability does not expose confidential data, successful exploitation can alter device integrity and significantly impact availability. The underlying weakness is categorized as CWE-200 (Information Exposure), though the primary security concern is improper authorization rather than information disclosure.

Defensive priority

medium

Recommended defensive actions

• Review ZTE security bulletin for affected firmware versions and patch availability
• Restrict Web interface access to trusted administrative hosts only
• Implement network segmentation to limit attacker access to device management interfaces
• Monitor for unauthorized configuration changes in ZTE MU5250 deployments
• Apply firmware updates from ZTE when available per vendor security advisory

Evidence notes

Vulnerability description and CVSS vector sourced from NVD record with ZTE PSIRT as primary reference source. Vendor identification marked as requiring review due to 'Unknown Vendor' classification in source data despite clear ZTE product reference. CPE criteria not yet populated in NVD entry.

Official resources