Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

ZTE — Vulnerabilities & Security Advisories 91

Browse all 91 CVE security advisories affecting ZTE. AI-powered Chinese analysis, POCs, and references for each vulnerability.

ZTE Corporation operates as a global telecommunications equipment manufacturer, providing critical infrastructure for mobile networks and enterprise connectivity. With 87 recorded Common Vulnerabilities and Exposures (CVEs), the company’s products have historically been susceptible to remote code execution, cross-site scripting, and privilege escalation flaws. These vulnerabilities often stem from inadequate input validation and weak authentication mechanisms within embedded web interfaces and management protocols. Notable incidents include the discovery of backdoors in certain router models, which raised significant concerns regarding supply chain integrity and potential state-sponsored espionage. While ZTE has implemented enhanced security testing and compliance measures in recent years, the sheer volume of past CVEs highlights persistent challenges in securing complex, distributed network hardware. The company continues to face scrutiny from cybersecurity researchers and government agencies regarding the trustworthiness of its hardware components in sensitive geopolitical contexts.

Top products by ZTE: GoldenDB ZXCLOUD iRAI ZXHN F670 MC801A ZXCLOUD GoldenData VAP ZX10 1800-2S ZXCDN IAMWEB ZTE MF920 ZTE WF820+ LTE Outdoor CPE T5400 ZXHN H168N ZXR10 1800-2S NH8091 ZXUN-ePDG ZXHN H388X ZXV10 XT802 ZX297520V3 BootROM ZTE PROCESS Guard service MF296R ZXR10 1800-2S series ,ZXR10 2800-4,ZXR10 3800-8,ZXR10 160 series MF258 Pro ZXEDM iEMS ZENIC ONE R58 ZTE Link Red Magic 11 Pro (NX809J) F50 MF258K ElasticNet UME R32 MC889A Pro ZXCDN
CVE IDTitleCVSSSeverityPublished
CVE-2026-44407 Remote Denial of Service Vulnerability Exists in ZTE Cloud PC Client uSmartview — ZXCLOUD iRAICWE-134 4.7 Medium2026-05-07
CVE-2026-44406 DLL Hijacking Vulnerability in ZTE Cloud PC Client uSmartview — ZXCLOUD iRAICWE-427 5.7 Medium2026-05-07
CVE-2026-40004 openssl.cnf Privilege Escalation Vulnerability in ZTE Cloud PC Client uSmartview — ZXCLOUD iRAICWE-427 5.5 Medium2026-05-07
CVE-2026-40003 USB-based arbitrary memory write vulnerability in ZTE ZX297520V3 soc BootROM — ZX297520V3 BootROMCWE-787 5.1 Medium2026-05-07
CVE-2026-40001 Local privilege escalation vulnerability in ZTE PROCESS Guard service of the cloud computer client — ZTE PROCESS Guard serviceCWE-269 5.2 Medium2026-05-06
CVE-2026-40002 ZTE Red Magic 11 Pro (NX809J) contains a vulnerability that allows non-privileged applications to trigger sensitive operations. — Red Magic 11 Pro (NX809J)CWE-269 5.0 Medium2026-04-17
CVE-2026-40436 ZTE ZXEDM iEMS product has a password reset vulnerability — ZXEDM iEMS 7.1 High2026-04-13
CVE-2025-66315 ZTE MF258K Pro Version Server has a Configuration Defect Vulnerability — MF258KCWE-269 4.3 Medium2026-01-09
CVE-2025-66314 ZTE ElasticNet UME R32 安全漏洞 — ElasticNet UME R32CWE-269 7.5 High2025-11-27
CVE-2025-46583 DOS Vulnerability in ZTE MC889A Pro product — MC889A ProCWE-116 5.3 Medium2025-10-27
CVE-2025-46582 Private Key Disclosure Vulnerability in ZTE ZXMP M721 Product — ZXMP M721CWE-321 7.7 High2025-10-27
CVE-2025-46581 ZTE ZXCDN product has a Struts RCE Vulnerability — ZXCDNCWE-94 9.8 Critical2025-10-14
CVE-2025-26711 ZTE T5400 安全漏洞 — T5400CWE-200 5.7 Medium2025-09-16
CVE-2025-26710 ZTE T5400 安全漏洞 — T5400CWE-200 3.5 Low2025-09-16
CVE-2025-26709 Unauthorized Access Vulnerability in ZTE F50 — F50CWE-200 5.7 Medium2025-08-15
CVE-2025-46580 ZTE GoldenDB Database product has a code-related vulnerability — GoldenDBCWE-400 7.7 High2025-04-27
CVE-2025-46579 ZTE GoldenDB Database product has a DDE injection vulnerability — GoldenDBCWE-94 8.4 High2025-04-27
CVE-2025-46578 ZTE GoldenDB Database product has SQL injection vulnerabilities in multiple interfaces — GoldenDBCWE-89 6.5 Medium2025-04-27
CVE-2025-46577 ZTE GoldenDB Database product has an SQL injection vulnerability — GoldenDBCWE-89 6.5 Medium2025-04-27
CVE-2025-46576 ZTE GoldenDB Database product has a privilege escalation vulnerability — GoldenDBCWE-269 5.4 Medium2025-04-27
CVE-2025-46575 ZTE GoldenDB Database product has an information disclosure vulnerability — GoldenDBCWE-209 4.9 Medium2025-04-27
CVE-2025-46574 ZTE GoldenDB Database product has an input validation vulnerability — GoldenDBCWE-20 4.1 Medium2025-04-27
CVE-2025-26702 ZTE GoldenDB 输入验证错误漏洞 — GoldenDBCWE-20 4.9 Medium2025-03-11
CVE-2025-26703 ZTE GoldenDB 安全漏洞 — GoldenDBCWE-269 4.3 Medium2025-03-11
CVE-2025-26704 ZTE GoldenDB 安全漏洞 — GoldenDBCWE-269 6.4 Medium2025-03-11
CVE-2025-26705 ZTE GoldenDB 安全漏洞 — GoldenDBCWE-269 5.3 Medium2025-03-11
CVE-2025-26706 ZTE GoldenDB 安全漏洞 — GoldenDBCWE-269 5.4 Medium2025-03-11
CVE-2025-26707 ZTE GoldenDB 安全漏洞 — GoldenDBCWE-269 5.3 Medium2025-03-11
CVE-2025-26708 ZTELink has a configuration defect vulnerability — ZTE LinkCWE-327 4.2 Medium2025-03-07
CVE-2024-22063 ZTE ZENIC ONE R58 product has a CSV injection vulnerability — ZENIC ONE R58CWE-1236 7.6 High2024-12-30

This page lists every published CVE security advisory associated with ZTE. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.