Vulnerabilities > ZTE > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-04-27 | CVE-2025-46574 | Unspecified vulnerability in ZTE Zxcloud Goldendb 7.2.01.01 There is an information disclosure vulnerability in the GoldenDB database product. | 5.3 |
| 2025-04-27 | CVE-2025-46576 | Unspecified vulnerability in ZTE Zxcloud Goldendb 6.1.03.09/6.1.03.10/7.2.01.01 There is a Permission Management and Access Control vulnerability in the GoldenDB database product. | 6.5 |
| 2025-03-11 | CVE-2025-26703 | Unspecified vulnerability in ZTE Goldendb Improper Privilege Management vulnerability in ZTE GoldenDB allows Privilege Escalation.This issue affects GoldenDB: from 6.1.03 through 6.1.03.04. | 4.3 |
| 2024-10-29 | CVE-2024-22066 | Authentication Bypass by Capture-replay vulnerability in ZTE products There is a privilege escalation vulnerability in ZTE ZXR10 ZSR V2 intelligent multi service router . | 6.5 |
| 2024-10-10 | CVE-2024-22068 | Weak Password Requirements vulnerability in ZTE products Improper Privilege Management vulnerability in ZTE ZXR10 1800-2S series ,ZXR10 2800-4,ZXR10 3800-8,ZXR10 160 series on 64 bit allows Functionality Bypass.This issue affects ZXR10 1800-2S series ,ZXR10 2800-4,ZXR10 3800-8,ZXR10 160 series: V4.00.10 and earlier. | 6.5 |
| 2024-09-18 | CVE-2022-39068 | Out-of-bounds Write vulnerability in ZTE Mf296R Firmware Mf296Rnordic1B06 There is a buffer overflow vulnerability in ZTE MF296R. | 6.5 |
| 2024-06-20 | CVE-2023-25646 | Improper Preservation of Permissions vulnerability in ZTE Zxhn H388X Firmware 10.1Agzhm1.3.1 There is an unauthorized access vulnerability in ZTE H388X. | 6.4 |
| 2024-05-14 | CVE-2024-22064 | Improper Initialization vulnerability in ZTE Zxun-Epdg ZTE ZXUN-ePDG product, which serves as the network node of the VoWifi system, under by default configuration, uses a set of non-unique cryptographic keys during establishing a secure connection(IKE) with the mobile devices connecting over the internet . | 6.5 |
| 2024-01-10 | CVE-2023-41781 | Cross-site Scripting vulnerability in ZTE Mf258 Firmware Ztestdv1.0.0B08/Ztestdv1.0.0B10 There is a Cross-site scripting (XSS) vulnerability in ZTE MF258. | 6.1 |
| 2024-01-05 | CVE-2023-41782 | Uncontrolled Search Path Element vulnerability in ZTE Zxcloud Irai There is a DLL hijacking vulnerability in ZTE ZXCLOUD iRAI, an attacker could place a fake DLL file in a specific directory and successfully exploit this vulnerability to execute malicious code. | 4.8 |