Vulnerabilities > ZTE > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-03 | CVE-2023-41776 | Improper Privilege Management vulnerability in ZTE Zxcloud Irai There is a local privilege escalation vulnerability of ZTE's ZXCLOUD iRAI.Attackers with regular user privileges can create a fake process, and to escalate local privileges. | 7.8 |
| 2024-01-03 | CVE-2023-41780 | Uncontrolled Search Path Element vulnerability in ZTE Zxcloud Irai There is an unsafe DLL loading vulnerability in ZTE ZXCLOUD iRAI. | 7.8 |
| 2024-01-03 | CVE-2023-41783 | Code Injection vulnerability in ZTE Zxcloud Irai There is a command injection vulnerability of ZTE's ZXCLOUD iRAI. | 7.8 |
| 2023-12-14 | CVE-2023-25643 | Command Injection vulnerability in ZTE Mc801A1 Firmware and Mc801A Firmware There is a command injection vulnerability in some ZTE mobile internet products. | 8.8 |
| 2023-12-14 | CVE-2023-25644 | Unspecified vulnerability in ZTE Mc801A1 Firmware and Mc801A Firmware There is a denial of service vulnerability in some ZTE mobile internet products. | 7.5 |
| 2023-12-14 | CVE-2023-25648 | Incorrect Permission Assignment for Critical Resource vulnerability in ZTE Zxcloud Irai There is a weak folder permission vulnerability in ZTE's ZXCLOUD iRAI product. | 7.8 |
| 2023-12-14 | CVE-2023-25651 | SQL Injection vulnerability in ZTE Mf286R Firmware and Mf833U1 Firmware There is a SQL injection vulnerability in some ZTE mobile internet products. Due to insufficient input validation of SMS interface parameter, an authenticated attacker could use the vulnerability to execute SQL injection and cause information leak. | 8.0 |
| 2023-08-25 | CVE-2023-25649 | Command Injection vulnerability in ZTE Mf286R Firmware Crlvwrgbmf286Rv1.0.0B04 There is a command injection vulnerability in a mobile internet product of ZTE. | 8.8 |
| 2023-06-16 | CVE-2023-25645 | Incorrect Default Permissions vulnerability in ZTE products There is a permission and access control vulnerability in some ZTE AndroidTV STBs. | 7.7 |
| 2023-05-30 | CVE-2022-39071 | Unspecified vulnerability in ZTE products There is an unauthorized access vulnerability in some ZTE mobile phones. | 7.1 |