What is CVE-2023-41780?

CVE-2023-41780 is a medium-severity vulnerability in Zte Zxcloud Irai, classified under Path Traversal. CVSS score: 6.4/10. Published 2024-01-03.

How severe is CVE-2023-41780?

Medium severity. CVSS v3 base score is 6.4 out of 10.

Path Traversal in Zte Zxcloud Irai

CVE-2023-41780

There is an unsafe DLL loading vulnerability in ZTE ZXCLOUD iRAI. Due to the program failed to adequately validate the user's input, an attacker could exploit this vulnerability to escalate local privileges.

Vulnerability class: Path Traversal (Directory Traversal)

EPSS: 0.000 (6.0th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.4 (Medium). Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H.

Affected products

Zte Zxcloud Irai — versions All versions up to 7.23.23

Weakness classification (CWE)

CWE-22 — Path Traversal

References

https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx

Frequently asked questions

What is CVE-2023-41780?: CVE-2023-41780 is a medium-severity vulnerability in Zte Zxcloud Irai, classified under Path Traversal. CVSS score: 6.4/10. Published 2024-01-03.
How severe is CVE-2023-41780?: Medium severity. CVSS v3 base score is 6.4 out of 10.