Описание
There is a weak folder permission vulnerability in ZTE's ZXCLOUD iRAI product. Due to weak folder permission, an attacker with ordinary user privileges could construct a fake DLL to execute command to escalate local privileges.
Уязвимые конфигурации
Конфигурация 1Версия до 7.23.21 (исключая)
Одновременно
cpe:2.3:a:zte:zxcloud_irai:*:*:*:*:*:*:*:*
cpe:2.3:a:zte:zxcloud_irai:-:*:*:*:*:*:*:*
EPSS
Процентиль: 21%
0.00068
Низкий
6.5 Medium
CVSS3
7.8 High
CVSS3
Дефекты
CWE-732
CWE-732
Связанные уязвимости
CVSS3: 6.5
github
около 2 лет назад
There is a weak folder permission vulnerability in ZTE's ZXCLOUD iRAI product. Due to weak folder permission, an attacker with ordinary user privileges could construct a fake DLL to execute command to escalate local privileges.
EPSS
Процентиль: 21%
0.00068
Низкий
6.5 Medium
CVSS3
7.8 High
CVSS3
Дефекты
CWE-732
CWE-732