Incorrect Default Permissions
A smart STB product of ZTE is impacted by a permission and access control vulnerability. Due to insufficient protection of system application, attackers could use this vulnerability to tamper with the system desktop and affect system customization functions. This affects: ZXV10 B860H V5.0, V83011303.0010, V83011303.0016
CWE-276 - Incorrect Default Permissions
During installation, installed file permissions are set to allow anyone to modify those files.