Vulnerabilities > ZTE > Zxcloud Irai Firmware > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-03 | CVE-2023-41776 | Improper Privilege Management vulnerability in ZTE Zxcloud Irai Firmware There is a local privilege escalation vulnerability of ZTE's ZXCLOUD iRAI.Attackers with regular user privileges can create a fake process, and to escalate local privileges. | 7.8 |
| 2024-01-03 | CVE-2023-41780 | Uncontrolled Search Path Element vulnerability in ZTE Zxcloud Irai Firmware There is an unsafe DLL loading vulnerability in ZTE ZXCLOUD iRAI. | 7.8 |
| 2024-01-03 | CVE-2023-41783 | Code Injection vulnerability in ZTE Zxcloud Irai Firmware There is a command injection vulnerability of ZTE's ZXCLOUD iRAI. | 7.8 |
| 2023-12-14 | CVE-2023-25648 | Incorrect Permission Assignment for Critical Resource vulnerability in ZTE Zxcloud Irai Firmware 6.03.04/7.23.20 There is a weak folder permission vulnerability in ZTE's ZXCLOUD iRAI product. | 7.8 |
| 2021-04-13 | CVE-2021-21731 | Cross-Site Request Forgery (CSRF) vulnerability in ZTE Zxcloud Irai Firmware A CSRF vulnerability exists in the management page of a ZTE product.The vulnerability is caused because the management page does not fully verify whether the request comes from a trusted user. | 8.1 |