There is an information leak vulnerability in the message service app of a ZTE mobile phone. Due to improper parameter settings, attackers could use this vulnerability to obtain some sensitive information of users by accessing specific pages.
There is a local privilege escalation vulnerability in the ZTE PROCESS Guard service of the cloud computer client, which may allow local arbitrary code execution, privilege escalation and path traversal bypass.
Improper Privilege Management vulnerability in ZTE GoldenDB allows Privilege Escalation.This issue affects GoldenDB: from 6.1.03 through 6.1.03.05.
Improper Privilege Management vulnerability in ZTE GoldenDB allows Privilege Escalation.This issue affects GoldenDB: from 6.1.03 through 6.1.03.04.
Improper Privilege Management vulnerability in ZTE GoldenDB allows Privilege Escalation.This issue affects GoldenDB: from 6.1.03 through 6.1.03.05.
There is a configuration defect vulnerability in the version server of ZTE MF258K Pro products. Due to improper directory permission settings, an attacker can execute write permissions in a specific directory.
ZTE BigVideo Analysis product has a privilege escalation vulnerability. Due to improper management of the timed task modification privilege, an attacker with ordinary user permissions could exploit this vulnerability to gain unauthorized access.
Red Magic 11 Pro (NX809J)Â contains a vulnerability that allows non-privileged applications to trigger sensitive operations. The vulnerability stems from the lack of validation for applications accessing the service interface. Exploiting this vulnerability, an attacker can write files to specific partitions and set writable system properties.
There is a permission and access control vulnerability of ZTE's ZXV10 XT802/ET301 product.Attackers with common permissions can log in the terminal web and change the password of the administrator illegally by intercepting requests to change the passwords.
There is a local privilege escalation vulnerability of ZTE's ZXCLOUD iRAI.Attackers with regular user privileges can create a fake process, and to escalate local privileges.
There is a permission and access control vulnerability in some ZTE mobile phones. Due to improper access control, applications in mobile phone could monitor the touch event.
Improper Privilege Management vulnerability in ZTE ZXR10 1800-2S series ,ZXR10 2800-4,ZXR10 3800-8,ZXR10 160 series on 64 bit allows Functionality Bypass.This issue affects ZXR10 1800-2S series ,ZXR10 2800-4,ZXR10 3800-8,ZXR10 160 series: V4.00.10 and earlier.
Improper Privilege Management vulnerability in ZTE ElasticNet UME R32 on Linux allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects ElasticNet UME R32: ElasticNet_UME_R32_V16.23.20.04.
There is a Permission Management and Access Control vulnerability in the GoldenDB database product. Attackers can manipulate requests to bypass privilege restrictions and delete content.
Improper Privilege Management vulnerability in ZTE GoldenDB allows Privilege Escalation.This issue affects GoldenDB: from 6.1.03 through 6.1.03.05.
Improper Privilege Management vulnerability in ZTE GoldenDB allows Privilege Escalation.This issue affects GoldenDB: from 6.1.03 through 6.1.03.07.
Exploitation of Privilege/Trust vulnerability in file in McAfee Endpoint Security (ENS) Prior to 10.7.0 February 2020 Update allows local users to bypass local security protection via a carefully crafted input file
This issue was addressed with improved data protection. This issue is fixed in macOS Ventura 13. An app with root privileges may be able to access private information.