Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-41780

There is an unsafe DLL loading vulnerability in ZTE ZXCLOUD iRAI. Due to the program failed to adequately validate the user's input, an attacker could exploit this vulnerability to escalate local privileges.

Published

2024-01-03T02:15:43.403

Last Modified

2025-01-28T15:36:03.663

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 6.4 (MEDIUM)

Weaknesses

Type: Secondary
CWE-22
Type: Primary
CWE-427

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	zte	zxcloud_irai	< 7.23.32	Yes
Application	zte	zxcloud_irai	-	No

References

https://https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1034404 Broken Link, Vendor Advisory ([email protected])
https://https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1034404 Broken Link, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)