Zte Zxcloud Irai
11 CVEs affecting Zte Zxcloud Irai. Latest disclosed: 2026-05-07. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-41776 | Medium | 6.7 | 2024-01-03 | There is a local privilege escalation vulnerability of ZTE's ZXCLOUD iRAI.Attackers with regular user privileges can create a fake process, and to escalate loc… |
CVE-2023-25650 | Medium | 6.5 | 2023-12-14 | There is an arbitrary file download vulnerability in ZXCLOUD iRAI. Since the backend does not escape special strings or restrict paths, an attacker with user… |
CVE-2023-25648 | Medium | 6.5 | 2023-12-14 | There is a weak folder permission vulnerability in ZTE's ZXCLOUD iRAI product. Due to weak folder permission, an attacker with ordinary user privileges could… |
CVE-2023-41780 | Medium | 6.4 | 2024-01-03 | There is an unsafe DLL loading vulnerability in ZTE ZXCLOUD iRAI. Due to the program failed to adequately validate the user's input, an attacker could exploi… |
CVE-2024-22062 | Medium | 6.3 | 2024-07-09 | There is a permissions and access control vulnerability in ZXCLOUD IRAI.An attacker can elevate non-administrator permissions to administrator permissions by m… |
CVE-2026-44406 | Medium | 5.7 | 2026-05-07 | ZTE Cloud PC client uSmartView contains a DLL hijacking vulnerability; since uSmartViewServiceAgent.exe runs with SYSTEM privileges, successful hijacking enabl… |
CVE-2026-40004 | Medium | 5.5 | 2026-05-07 | There exists an openssl.cnf privilege escalation vulnerability in ZTE Cloud PC client uSmartview. An attacker can execute arbitrary code locally and escalate p… |
CVE-2026-44407 | Medium | 4.7 | 2026-05-07 | A remote denial-of-service vulnerability exists in the ZTE Cloud PC client uSmartview, which may lead to memory corruption and remote denial of service. |
CVE-2023-41779 | Medium | 4.4 | 2024-01-03 | There is an illegal memory access vulnerability of ZTE's ZXCLOUD iRAI product.When the vulnerability is exploited by an attacker with the common user permissio… |
CVE-2023-41783 | Medium | 4.3 | 2024-01-03 | There is a command injection vulnerability of ZTE's ZXCLOUD iRAI. Due to the program failed to adequately validate the user's input, an attacker could exploi… |
CVE-2023-41782 | Low | 3.9 | 2024-01-05 | There is a DLL hijacking vulnerability in ZTE ZXCLOUD iRAI, an attacker could place a fake DLL file in a specific directory and successfully exploit this vuln… |