CVE-2023-25650
CVE-2023-25650 affects ZTE ZXCLOUD iRAI, where the backend fails to escape special strings or restrict paths in the download interface, enabling an attacker with user permissions to modify a request parameter and trigger arbitrary file downloads. The vulnerability is rooted in improper input hand...