Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zte vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2023-25648
There is a weak folder permission vulnerability in ZTE's ZXCLOUD iRAI product. Due to weak folder permission, an attacker with ordinary user privileges could construct a fake DLL to execute command to escalate local privileges.
Zte Zxcloud Irai Firmware
6.5
CVSSv3
CVE-2023-25650
There is an arbitrary file download vulnerability in ZXCLOUD iRAI. Since the backend does not escape special strings or restrict paths, an attacker with user permission could access the download interface by modifying the request parameter, causing arbitrary file downloads.
Zte Zxcloud Irai Firmware
8
CVSSv3
CVE-2023-25651
There is a SQL injection vulnerability in some ZTE mobile internet products. Due to insufficient input validation of SMS interface parameter, an authenticated attacker could use the vulnerability to execute SQL injection and cause information leak.
Zte Mf833u1 Firmware Bd Mf833u1v1.0.0b01
Zte Mf286r Firmware Cr Lvwrgbmf286rv1.0.0b04
8.8
CVSSv3
CVE-2023-25649
There is a command injection vulnerability in a mobile internet product of ZTE. Due to insufficient validation of SET_DEVICE_LED interface parameter, an authenticated attacker could use the vulnerability to execute arbitrary commands.
Zte Mf286r Firmware Cr Lvwrgbmf286rv1.0.0b04
3.3
CVSSv3
CVE-2023-25647
There is a permission and access control vulnerability in some ZTE mobile phones. Due to improper access control, applications in mobile phone could monitor the touch event.
Zte Axon 30 Firmware
Zte Axon 40 Pro Firmware
Zte Axon 40 Ultra Firmware
Zte Nubia Z50 Firmware
7.7
CVSSv3
CVE-2023-25645
There is a permission and access control vulnerability in some ZTE AndroidTV STBs. Due to improper permission settings, non-privileged application can perform functions that are protected with signature/privilege-level permissions. Exploitation of this vulnerability could clear p...
Zte Up T2 4k Firmware V84511302.1427
Zte Zxv10 B866v2-h Firmware V84711321.0038
Zte Zxv10 B866v2-h Firmware V84711321.0040
Zte Zxv10 B866v2-h Firmware V84711321.0045
Zte Zxv10 B866v2-h Firmware V84711321.0049
Zte Zxv10 B866v2 Firmware V82811306.3021
Zte Zxv10 B866v2 Firmware V82815416.1027
Zte Zxv10 B866v2 Firmware V82815416.1028
Zte Zxv10 B866v2 Firmware V82815416.1029
Zte Zxv10 B866v2 Firmware V82815416.2012
Zte Zxv10 B866v2 Firmware V84711309.0016
Zte Zxv10 B866v2 Firmware V84711309.0018
Zte Zxv10 B866v2 Firmware V84711309.0019
Zte Zxv10 B860h V5d0 Firmware V83011303.0049
Zte Zxv10 B860h V5d0 Firmware V83011303.0051
Zte Zxv10 B860h V5d0 Firmware V83011303.0053
Zte Zxv10 B860h V5d0 Firmware V83011303.0063
Zte Zxv10 B860h V5d0 Firmware V83011303.0069
Zte Zxv10 B866v2f Firmware V86111338.0026
Zte Zxv10 B866v2f Firmware V86111338.0031
Zte Zxv10 B866v2f Firmware V86111338.0033
Zte Zxv10 B866v2f Firmware V86111338.0035
3.3
CVSSv3
CVE-2022-39074
There is an unauthorized access vulnerability in some ZTE mobile phones. If a malicious application is installed on the phone, it could start a non-public interface of an application without user permission.
Zte Blade A52 Firmware
Zte Blade A51 Firmware
Zte Blade A3 Lite Firmware
Zte Blade A5 2020 Firmware
Zte Blade L210 Firmware
Zte Blade A7s Firmware
Zte Blade A31 Firmware
Zte Blade A31 Plus Firmware
Zte Blade A5 2019 Firmware
Zte Blade A71 Firmware
Zte Blade A72 Firmware
Zte Blade V20 Smart Firmware
Zte Blade V30 Firmware
Zte Blade V30 Vita Firmware
Zte V40 Pro Firmware
Zte Blade V40 Vita Firmware
Zte Axon 40 Ultra Firmware
7.1
CVSSv3
CVE-2022-39071
There is an unauthorized access vulnerability in some ZTE mobile phones. If a malicious application is installed on the phone, it could overwrite some system configuration files and user installers without user permission.
Zte Blade A52 Firmware
Zte Blade A51 Firmware
Zte Blade A3 Lite Firmware
Zte Blade A5 2020 Firmware
Zte Blade L210 Firmware
Zte Blade A7s Firmware
Zte Blade A31 Firmware
Zte Blade A31 Plus Firmware
Zte Blade A5 2019 Firmware
Zte Blade A71 Firmware
Zte Blade A72 Firmware
Zte Blade V20 Smart Firmware
Zte Blade V30 Firmware
Zte Blade V30 Vita Firmware
Zte V40 Pro Firmware
Zte Blade V40 Vita Firmware
Zte Axon 40 Ultra Firmware
7.1
CVSSv3
CVE-2022-39075
There is an unauthorized access vulnerability in some ZTE mobile phones. If a malicious application is installed on the phone, it could delete some system files without user permission.
Zte Blade A52 Firmware
Zte Blade A51 Firmware
Zte Blade A3 Lite Firmware
Zte Blade A5 2020 Firmware
Zte Blade L210 Firmware
Zte Blade A7s Firmware
Zte Blade A31 Firmware
Zte Blade A31 Plus Firmware
Zte Blade A5 2019 Firmware
Zte Blade A71 Firmware
Zte Blade A72 Firmware
Zte Blade V20 Smart Firmware
Zte Blade V30 Firmware
Zte Blade V30 Vita Firmware
Zte V40 Pro Firmware
Zte Blade V40 Vita Firmware
Zte Axon 40 Ultra Firmware
5.4
CVSSv3
CVE-2022-39072
There is a SQL injection vulnerability in Some ZTE Mobile Internet products. Due to insufficient validation of the input parameters of the SNTP interface, an authenticated attacker could use the vulnerability to execute stored XSS attacks.
Zte Mf286r Firmware Nordic Mf286r B06
Zte Mf289d Firmware Cr Tmoczmf289dv1.0.0b07
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3661
open redirect
CVE-2024-25512
CVE-2024-33788
command injection
SSTI
CVE-2024-0043
CVE-2024-29210
CVE-2024-25510
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »