Every CVE whose affected-product data names Zte Zxcloud Irai, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (13)
CVE-2021-21731 — CVSS 8.1 (high): A CSRF vulnerability exists in the management page of a ZTE product.The vulnerability is caused because the management page does not fully…
CVE-2023-41776 — CVSS 6.7 (medium): There is a local privilege escalation vulnerability of ZTE's ZXCLOUD iRAI.Attackers with regular user privileges can create a fake process…
CVE-2023-25648 — CVSS 6.5 (medium): There is a weak folder permission vulnerability in ZTE's ZXCLOUD iRAI product. Due to weak folder permission, an attacker with ordinary…
CVE-2023-25650 — CVSS 6.5 (medium): There is an arbitrary file download vulnerability in ZXCLOUD iRAI. Since the backend does not escape special strings or restrict paths, an…
CVE-2023-41780 — CVSS 6.4 (medium): There is an unsafe DLL loading vulnerability in ZTE ZXCLOUD iRAI. Due to the program failed to adequately validate the user's input, an…
CVE-2024-22062 — CVSS 6.3 (medium): There is a permissions and access control vulnerability in ZXCLOUD IRAI.An attacker can elevate non-administrator permissions to…
CVE-2026-44406 — CVSS 5.7 (medium): ZTE Cloud PC client uSmartView contains a DLL hijacking vulnerability; since uSmartViewServiceAgent.exe runs with SYSTEM privileges…
CVE-2026-40004 — CVSS 5.5 (medium): There exists an openssl.cnf privilege escalation vulnerability in ZTE Cloud PC client uSmartview. An attacker can execute arbitrary code…
CVE-2018-7365 — CVSS 5.1 (medium): All versions up to ZXCLOUD iRAI V5.01.05 of the ZTE uSmartView product are impacted by untrusted search path vulnerability, which may allow…
CVE-2026-44407 — CVSS 4.7 (medium): A remote denial-of-service vulnerability exists in the ZTE Cloud PC client uSmartview, which may lead to memory corruption and remote…
CVE-2023-41779 — CVSS 4.4 (medium): There is an illegal memory access vulnerability of ZTE's ZXCLOUD iRAI product.When the vulnerability is exploited by an attacker with the…
CVE-2023-41783 — CVSS 4.3 (medium): There is a command injection vulnerability of ZTE's ZXCLOUD iRAI. Due to the program failed to adequately validate the user's input, an…
CVE-2023-41782 — CVSS 3.9 (low): There is a DLL hijacking vulnerability in ZTE ZXCLOUD iRAI, an attacker could place a fake DLL file in a specific directory and…