Filtered by vendor Zte
Subscriptions
Total
186 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-46582 | 1 Zte | 1 Zxmp M721 | 2025-10-27 | 7.7 High |
| A private key disclosure vulnerability exists in ZTE's ZXMP M721 product. A low-privileged user can bypass authorization checks to view the device's communication private key, resulting in key exposure and impacting communication security. | ||||
| CVE-2025-46583 | 1 Zte | 1 Mc889a | 2025-10-27 | 5.3 Medium |
| There is a Denial of Service(DoS)vulnerability in the ZTE MC889A Pro product. Due to insufficient validation of the input parameters of the Short Message Service interface, allowing an attacker to exploit it to carry out a DoS attack. | ||||
| CVE-2025-46581 | 1 Zte | 1 Zxcdn | 2025-10-20 | 9.8 Critical |
| ZTE's ZXCDN product is affected by a Struts remote code execution (RCE) vulnerability. An unauthenticated attacker can remotely execute commands with non-root privileges. | ||||
| CVE-2025-26711 | 1 Zte | 1 T5400 | 2025-09-17 | 5.7 Medium |
| There is an unauthorized access vulnerability in ZTE T5400. Due to improper permission control of the Web module interface, an unauthorized attacker can obtain sensitive information through the interface. | ||||
| CVE-2025-26710 | 1 Zte | 1 T5400 | 2025-09-17 | 3.5 Low |
| There is an an information disclosure vulnerability in ZTE T5400. Due to improper configuration of the access control mechanism, attackers can obtain information through interfaces without authorization, causing the risk of information disclosure. | ||||
| CVE-2025-26709 | 1 Zte | 1 F50 | 2025-08-16 | 5.7 Medium |
| There is an unauthorized access vulnerability in ZTE F50. Due to improper permission control of the Web module interface, an unauthorized attacker can obtain sensitive information through the interface | ||||
| CVE-2025-53558 | 1 Zte | 2 Zxhn F660a, Zxhn F660t | 2025-07-31 | N/A |
| ZXHN-F660T and ZXHN-F660A provided by ZTE Japan K.K. use a common credential for all installations. With the knowledge of the credential, an attacker may log in to the affected devices. | ||||
| CVE-2025-26707 | 1 Zte | 1 Goldendb | 2025-07-12 | 5.3 Medium |
| Improper Privilege Management vulnerability in ZTE GoldenDB allows Privilege Escalation.This issue affects GoldenDB: from 6.1.03 through 6.1.03.05. | ||||
| CVE-2023-41776 | 1 Zte | 1 Zxcloud Irai | 2025-06-16 | 6.7 Medium |
| There is a local privilege escalation vulnerability of ZTE's ZXCLOUD iRAI.Attackers with regular user privileges can create a fake process, and to escalate local privileges. | ||||
| CVE-2023-41784 | 1 Zte | 2 Redmagic 8 Pro, Redmagic 8 Pro Firmware | 2025-06-03 | 6.6 Medium |
| Permissions and Access Control Vulnerability in ZTE Red Magic 8 Pro | ||||
| CVE-2023-41781 | 1 Zte | 2 Mf258, Mf258 Firmware | 2025-06-03 | 5.7 Medium |
| There is a Cross-site scripting (XSS) vulnerability in ZTE MF258. Due to insufficient input validation of SMS interface parameter, an XSS attack will be triggered. | ||||
| CVE-2022-23144 | 1 Zte | 30 Zxa10 B700v7, Zxa10 B700v7 Firmware, Zxa10 B710c-a12 and 27 more | 2025-05-22 | 9.1 Critical |
| There is a broken access control vulnerability in ZTE ZXvSTB product. Due to improper permission control, attackers could use this vulnerability to delete the default application type, which affects normal use of system. | ||||
| CVE-2023-25644 | 1 Zte | 4 Mc801a, Mc801a1, Mc801a1 Firmware and 1 more | 2025-05-22 | 6.5 Medium |
| There is a denial of service vulnerability in some ZTE mobile internet products. Due to insufficient validation of Web interface parameter, an attacker could use the vulnerability to perform a denial of service attack. | ||||
| CVE-2025-46574 | 1 Zte | 1 Zxcloud Goldendb | 2025-05-12 | 4.1 Medium |
| There is an information disclosure vulnerability in the GoldenDB database product. Attackers can exploit error messages to obtain the system's sensitive information. | ||||
| CVE-2025-46575 | 1 Zte | 1 Zxcloud Goldendb | 2025-05-12 | 4.9 Medium |
| There is an information disclosure vulnerability in the GoldenDB database product. Attackers can exploit error messages to obtain the system's sensitive information. | ||||
| CVE-2025-46576 | 1 Zte | 1 Zxcloud Goldendb | 2025-05-12 | 5.4 Medium |
| There is a Permission Management and Access Control vulnerability in the GoldenDB database product. Attackers can manipulate requests to bypass privilege restrictions and delete content. | ||||
| CVE-2025-46577 | 1 Zte | 1 Zxcloud Goldendb | 2025-05-12 | 6.5 Medium |
| There is a SQL injection vulnerability in the GoldenDB database product. Attackers can inject commands to extract database information. | ||||
| CVE-2025-46578 | 1 Zte | 1 Zxcloud Goldendb | 2025-05-12 | 6.5 Medium |
| There are SQL injection vulnerabilities in multiple interfaces of the GoldenDB database product. Attackers can exploit these interfaces to inject commands and extract sensitive database information. | ||||
| CVE-2025-46579 | 1 Zte | 1 Zxcloud Goldendb | 2025-05-12 | 8.4 High |
| There is a DDE injection vulnerability in the GoldenDB database product. Attackers can inject DDE expressions through the interface, and when users download and open the affected file, the DDE commands can be executed. | ||||
| CVE-2025-46580 | 1 Zte | 1 Zxcloud Goldendb | 2025-05-12 | 7.7 High |
| There is a code-related vulnerability in the GoldenDB database product. Attackers can access system tables to disrupt the normal operation of business SQL. | ||||