Описание
There is a command injection vulnerability of ZTE's ZXCLOUD iRAI. Due to the program failed to adequately validate the user's input, an attacker could exploit this vulnerability to escalate local privileges.
Уязвимые конфигурации
Конфигурация 1Версия до 7.23.32 (исключая)
Одновременно
cpe:2.3:a:zte:zxcloud_irai:*:*:*:*:*:*:*:*
cpe:2.3:a:zte:zxcloud_irai:-:*:*:*:*:*:*:*
EPSS
Процентиль: 25%
0.00089
Низкий
4.3 Medium
CVSS3
7.8 High
CVSS3
Дефекты
CWE-94
CWE-94
Связанные уязвимости
CVSS3: 4.3
github
около 2 лет назад
There is a command injection vulnerability of ZTE's ZXCLOUD iRAI. Due to the program failed to adequately validate the user's input, an attacker could exploit this vulnerability to escalate local privileges.
EPSS
Процентиль: 25%
0.00089
Низкий
4.3 Medium
CVSS3
7.8 High
CVSS3
Дефекты
CWE-94
CWE-94