Vulnerabilities > ZTE > High

DATE CVE VULNERABILITY TITLE RISK
2024-01-03 CVE-2023-41776 Improper Privilege Management vulnerability in ZTE Zxcloud Irai Firmware
There is a local privilege escalation vulnerability of ZTE's ZXCLOUD iRAI.Attackers with regular user privileges can create a fake process, and to escalate local privileges.
local
low complexity
zte CWE-269
7.8
7.8
2024-01-03 CVE-2023-41780 Uncontrolled Search Path Element vulnerability in ZTE Zxcloud Irai Firmware
There is an unsafe DLL loading vulnerability in ZTE ZXCLOUD iRAI.
local
low complexity
zte CWE-427
7.8
7.8
2024-01-03 CVE-2023-41783 Code Injection vulnerability in ZTE Zxcloud Irai Firmware
There is a command injection vulnerability of ZTE's ZXCLOUD iRAI.
local
low complexity
zte CWE-94
7.8
7.8
2023-12-14 CVE-2023-25643 Command Injection vulnerability in ZTE Mc801A1 Firmware and Mc801A Firmware
There is a command injection vulnerability in some ZTE mobile internet products.
network
low complexity
zte CWE-77
8.8
8.8
2023-12-14 CVE-2023-25644 Unspecified vulnerability in ZTE Mc801A1 Firmware and Mc801A Firmware
There is a denial of service vulnerability in some ZTE mobile internet products.
network
low complexity
zte
7.5
7.5
2023-12-14 CVE-2023-25648 Incorrect Permission Assignment for Critical Resource vulnerability in ZTE Zxcloud Irai Firmware 6.03.04
There is a weak folder permission vulnerability in ZTE's ZXCLOUD iRAI product.
local
low complexity
zte CWE-732
7.8
7.8
2023-12-14 CVE-2023-25651 SQL Injection vulnerability in ZTE Mf286R Firmware and Mf833U1 Firmware
There is a SQL injection vulnerability in some ZTE mobile internet products. Due to insufficient input validation of SMS interface parameter, an authenticated attacker could use the vulnerability to execute SQL injection and cause information leak.
low complexity
zte CWE-89
8.0
8.0
2023-08-25 CVE-2023-25649 Command Injection vulnerability in ZTE Mf286R Firmware Crlvwrgbmf286Rv1.0.0B04
There is a command injection vulnerability in a mobile internet product of ZTE.
network
low complexity
zte CWE-77
8.8
8.8
2023-06-16 CVE-2023-25645 Incorrect Default Permissions vulnerability in ZTE products
There is a permission and access control vulnerability in some ZTE AndroidTV STBs.
local
low complexity
zte CWE-276
7.7
7.7
2023-05-30 CVE-2022-39071 Unspecified vulnerability in ZTE products
There is an unauthorized access vulnerability in some ZTE mobile phones.
local
low complexity
zte
7.1
7.1