Lucene search
PRIOn knowledge basePRION:CVE-2023-25648HistoryDec 14, 2023 - 7:15 a.m.
Command injection
2023-12-1407:15:00
PRIOn knowledge base
www.prio-n.com
3
weak folder permission
zte's zxcloud irai
command injection
fake dll
local privileges escalation
There is a weak folder permission vulnerability in ZTEβs ZXCLOUD iRAI product. Due to weak folder permission, an attacker with ordinary user privileges could construct a fake DLLΒ to execute command to escalate local privileges.
| CPE | Name | Operator | Version |
|---|---|---|---|
| zxcloud_irai_firmware | lt | 7.23.21 |
Related
cvelist
cvelist
CVE-2023-25648 Weak Folder Permission Vulnerability in ZTE ZXCLOUD iRAI
2023-12-14 06:46:39
cve
cve
CVE-2023-25648
2023-12-14 07:15:07
nvd
nvd
CVE-2023-25648
2023-12-14 07:15:07