There is an unsafe DLL loading vulnerability in ZTE ZXCLOUD iRAI. Due to the program failed to adequately validate the user's input, an attacker could exploit this vulnerability to escalate local privileges.
References
Link | Resource |
---|---|
https://https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1034404 | Broken Link Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
09 Jan 2024, 20:00
Type | Values Removed | Values Added |
---|---|---|
First Time |
Zte zxcloud Irai Firmware
Zte Zte zxcloud Irai |
|
References | () https://https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1034404 - Broken Link, Vendor Advisory | |
CWE | CWE-427 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
CPE | cpe:2.3:o:zte:zxcloud_irai_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:zte:zxcloud_irai:-:*:*:*:*:*:*:* |
03 Jan 2024, 02:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-01-03 02:15
Updated : 2024-02-28 20:54
NVD link : CVE-2023-41780
Mitre link : CVE-2023-41780
CVE.ORG link : CVE-2023-41780
JSON object : View
Products Affected
zte
- zxcloud_irai_firmware
- zxcloud_irai