Vulnerabilities in ZTE
99 resultsCVE-2020-6870—The version V12.17.20T115 of ZTE U31R20 product is impacted by a design error vulnerability. An attacker could exploit the vulnerability to EPSS 0.6%CVE-2023-41783MEDIUMCommand Injection Vulnerability of ZTE's ZXCLOUD iRAIEPSS 0.6%CVE-2023-25650MEDIUMArbitrary File Download Vulnerability in ZTE ZXCLOUD iRAIEPSS 0.6%CVE-2018-7366MEDIUMZTE ZXV10 B860AV2.1 product ChinaMobile branch with the ICNT versions up to V1.3.3, the BESTV versions up to V1.2.2, the WASU versions up toEPSS 0.6%CVE-2023-25642MEDIUMTwo Vulnerabilities in Some ZTE Mobile Internet ProductsEPSS 0.5%CVE-2019-3414—All versions up to V1.19.20.02 of ZTE OTCP product are impacted by XSS vulnerability. Due to XSS, when an attacker invokes the security manaEPSS 0.5%CVE-2024-22064HIGHConfiguration error Vulnerability in ZTE ZXUN-ePDGEPSS 0.5%CVE-2019-3410MEDIUMAll versions up to UKBB_WF820+_1.0.0B06 of ZTE WF820+ LTE Outdoor CPE product are impacted by Cross-Site Request Forgery vulnerability,whichEPSS 0.5%CVE-2022-39068MEDIUMBuffer Overflow Vulnerability in ZTE MF296REPSS 0.4%CVE-2019-3431—All versions up to V4.01.01.02 of ZTE ZXCLOUD GoldenData VAP product have encryption problems vulnerability. Attackers could sniff unencryptEPSS 0.4%CVE-2025-46583MEDIUMDOS Vulnerability in ZTE MC889A Pro productEPSS 0.4%CVE-2025-26702MEDIUMImproper Input Validation vulnerability in ZTE GoldenDB allows Input Data Manipulation.This issue affects GoldenDB: from 6.1.03 through 6.1.EPSS 0.4%CVE-2023-25651MEDIUMSQL Injection Vulnerability in Some ZTE Mobile Internet ProductsEPSS 0.3%CVE-2023-41781MEDIUMXSS Vulnerability in ZTE MF258 ProductsEPSS 0.3%CVE-2025-46580HIGHZTE GoldenDB Database product has a code-related vulnerabilityEPSS 0.3%CVE-2025-46582HIGHPrivate Key Disclosure Vulnerability in ZTE ZXMP M721 ProductEPSS 0.3%CVE-2025-46575MEDIUMZTE GoldenDB Database product has an information disclosure vulnerabilityEPSS 0.3%CVE-2026-40003MEDIUMUSB-based arbitrary memory write vulnerability in ZTE ZX297520V3 soc BootROMEPSS 0.3%CVE-2024-22066HIGHThere is a privilege escalation vulnerability in ZTE ZXR10 ZSR V2 intelligent multi service router . An authenticated attacker could use theEPSS 0.3%CVE-2026-49002CRITICALBroken Access Control Vulnerabily in ZTE ZXUniPOS NDS-LTE productEPSS 0.3%