There is a weak folder permission vulnerability in ZTE's...
Moderate severity
Unreviewed
Published
Dec 14, 2023
to the GitHub Advisory Database
•
Updated Dec 14, 2023
Description
Published by the National Vulnerability Database
Dec 14, 2023
Published to the GitHub Advisory Database
Dec 14, 2023
Last updated
Dec 14, 2023
There is a weak folder permission vulnerability in ZTE's ZXCLOUD iRAI product. Due to weak folder permission, an attacker with ordinary user privileges could construct a fake DLL to execute command to escalate local privileges.
References