NVD:CVE-2023-25650
Dec 14, 2023 - 7:15 a.m.

CVE-2023-25650

2023-12-14 07:15:07
CWE-20
web.nvd.nist.gov
arbitrary file download
zxcloud irai
vulnerability
backend
special strings
restrict paths
user permission
request parameter

CVSS3: 6.5

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: NONE
Availability Impact: NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

EPSS: 0.001
Percentile: 17.9%

There is an arbitrary file download vulnerability in ZXCLOUD iRAI. Since the backend does not escape special strings or restrict paths, an attacker with user permission could access the download interface by modifying the request parameter, causing arbitrary file downloads.

Affected configurations

Nvd
Node
zte zxcloud_irai_firmware Range <7.23.30
AND
zte zxcloud_irai Match -

Vendor | Product | Version | CPE
zte | zxcloud_irai_firmware | * | cpe:2.3:o:zte:zxcloud_irai_firmware:*:*:*:*:*:*:*:*
zte | zxcloud_irai | - | cpe:2.3:h:zte:zxcloud_irai:-:*:*:*:*:*:*:*
