Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

ZTE — Vulnerabilities & Security Advisories 91

Browse all 91 CVE security advisories affecting ZTE. AI-powered Chinese analysis, POCs, and references for each vulnerability.

ZTE Corporation operates as a global telecommunications equipment manufacturer, providing critical infrastructure for mobile networks and enterprise connectivity. With 87 recorded Common Vulnerabilities and Exposures (CVEs), the company’s products have historically been susceptible to remote code execution, cross-site scripting, and privilege escalation flaws. These vulnerabilities often stem from inadequate input validation and weak authentication mechanisms within embedded web interfaces and management protocols. Notable incidents include the discovery of backdoors in certain router models, which raised significant concerns regarding supply chain integrity and potential state-sponsored espionage. While ZTE has implemented enhanced security testing and compliance measures in recent years, the sheer volume of past CVEs highlights persistent challenges in securing complex, distributed network hardware. The company continues to face scrutiny from cybersecurity researchers and government agencies regarding the trustworthiness of its hardware components in sensitive geopolitical contexts.

Top products by ZTE: GoldenDB ZXCLOUD iRAI ZXHN F670 MC801A ZXCLOUD GoldenData VAP ZX10 1800-2S ZXCDN IAMWEB ZTE MF920 ZTE WF820+ LTE Outdoor CPE T5400 ZXHN H168N ZXR10 1800-2S NH8091 ZXUN-ePDG ZXHN H388X ZXV10 XT802 ZX297520V3 BootROM ZTE PROCESS Guard service MF296R ZXR10 1800-2S series ,ZXR10 2800-4,ZXR10 3800-8,ZXR10 160 series MF258 Pro ZXEDM iEMS ZENIC ONE R58 ZTE Link Red Magic 11 Pro (NX809J) F50 MF258K ElasticNet UME R32 MC889A Pro ZXCDN
CVE IDTitleCVSSSeverityPublished
CVE-2024-22067 ZTE NH8091 product has an improper permission control vulnerability — NH8091 6.8 Medium2024-11-18
CVE-2024-22066 ZTE ZXR10 ZSR 安全漏洞 — ZXR10 1800-2SCWE-294 7.5 High2024-10-29
CVE-2024-22065 ZTE MF258 Pro product has a OS Command injection vulnerability — MF258 ProCWE-20 6.8 Medium2024-10-29
CVE-2024-22068 Weak Password Vulnerability in ZTE ZSR V2 Intelligent Multi Service Router — ZXR10 1800-2S series ,ZXR10 2800-4,ZXR10 3800-8,ZXR10 160 seriesCWE-269 6.0 Medium2024-10-10
CVE-2022-39068 Buffer Overflow Vulnerability in ZTE MF296R — MF296RCWE-122 4.5 Medium2024-09-18
CVE-2024-22069 Permission and Access Control Vulnerability in ZXV10 XT802/ET301 — ZXV10 XT802CWE-269 7.1 High2024-08-08
CVE-2024-22062 Permissions and Access Control Vulnerability in ZTE ZXCLOUD IRAI — ZXCLOUD IRAICWE-346 6.3 Medium2024-07-09
CVE-2023-25646 Permission and Access Control Vulnerability in ZTE H388X — ZXHN H388XCWE-281 7.1 High2024-06-20
CVE-2024-22064 Configuration error Vulnerability in ZTE ZXUN-ePDG — ZXUN-ePDGCWE-1051 8.3 High2024-05-10
CVE-2023-41781 XSS Vulnerability in ZTE MF258 Products — MF258CWE-20 5.7 Medium2024-01-10
CVE-2023-41782 DLL Hijacking Vulnerability in ZTE ZXCLOUD iRAI — ZXCLOUD iRAICWE-20 3.9 Low2024-01-05
CVE-2023-41784 Permissions and Access Control Vulnerability in ZTE Red Magic 8 Pro — Red Magic 8 ProCWE-269 6.6 Medium2024-01-04
CVE-2023-41783 Command Injection Vulnerability of ZTE's ZXCLOUD iRAI — ZXCLOUD iRAICWE-94 4.3 Medium2024-01-03
CVE-2023-41776 Local Privilege Escalation Vulnerability of ZTE's ZXCLOUD iRAI — ZXCLOUD iRAICWE-732 6.7 Medium2024-01-03
CVE-2023-41780 Unsafe DLL Loading Vulnerability in ZTE ZXCLOUD iRAI — ZXCLOUD iRAICWE-22 6.4 Medium2024-01-03
CVE-2023-41779 Illegal Memory Access Vulnerability of ZTE's ZXCLOUD iRAI — ZXCLOUD iRAICWE-119 4.4 Medium2024-01-03
CVE-2023-25644 Denial of Service Vulnerability in Some ZTE Mobile Internet Products — MC801ACWE-755 6.5 Medium2023-12-14
CVE-2023-25643 Two Vulnerabilities in Some ZTE Mobile Internet Products — MC801ACWE-77 8.4 High2023-12-14
CVE-2023-25642 Two Vulnerabilities in Some ZTE Mobile Internet Products — MC801ACWE-120 5.9 Medium2023-12-14
CVE-2023-25651 SQL Injection Vulnerability in Some ZTE Mobile Internet Products — Mobile Internet ProductsCWE-20 4.3 Medium2023-12-14
CVE-2023-25650 Arbitrary File Download Vulnerability in ZTE ZXCLOUD iRAI — ZXCLOUD iRAICWE-20 6.5 Medium2023-12-14
CVE-2023-25648 Weak Folder Permission Vulnerability in ZTE ZXCLOUD iRAI — ZXCLOUD iRAICWE-732 6.5 Medium2023-12-14
CVE-2023-25649 OS Command Injection Vulnerability in a Mobile Internet Product of ZTE — MF286RCWE-77 6.8 Medium2023-08-25
CVE-2023-25647 Permission and Access Control Vulnerability in Some ZTE Mobile Phones — Some ZTE Mobile PhonesCWE-269 4.7 Medium2023-08-17
CVE-2020-6870 ZTE U31R20 安全漏洞 — NetNumenU31R20 8.8 -2020-06-24
CVE-2019-3431 ZTE ZXCLOUD GoldenData VAP 加密问题漏洞 — ZXCLOUD GoldenData VAP 9.8 -2019-12-23
CVE-2019-3430 ZTE ZXCLOUD GoldenData VAP 信息泄露漏洞 — ZXCLOUD GoldenData VAP 4.9 -2019-12-23
CVE-2019-3429 ZTE ZXCLOUD GoldenData VAP 日志信息泄露漏洞 — ZXCLOUD GoldenData VAP 5.3 -2019-12-23
CVE-2019-3428 ZTE ZXCDN IAMWEB 输入验证错误漏洞 — ZXCDN IAMWEB 6.5 -2019-11-22
CVE-2019-3427 ZTE ZXCDN IAMWEB 注入漏洞 — ZXCDN IAMWEB 6.5 -2019-11-22

This page lists every published CVE security advisory associated with ZTE. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.