CVE-2020-6870

EPSS 0.14%
Published 24.06.2020 16:15:10
Last modified 21.11.2024 05:36:19
Source psirt@zte.com.cn
Teams watchlist Login
Open Login

The version V12.17.20T115 of ZTE U31R20 product is impacted by a design error vulnerability. An attacker could exploit the vulnerability to log in to the FTP server to tamper with the password, and illegally download, modify, upload, or delete files, causing improper operation of the network management system and equipment. This affects: NetNumenU31R20 V12.17.20T115

Affected products Warnungen 0 Metrics 3 CWE 0 References 4

Data is provided by the National Vulnerability Database (NVD)

Zte ≫ Netnumen U31 R10 Firmware Versionv12.17.20t115

Zte ≫ Netnumen U31 R10 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.14%	0.311

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	8	2.1	5.9	CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	5.2	5.1	6.4	AV:A/AC:L/Au:S/C:P/I:P/A:P

http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1013043

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2020-6870

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2020-6870

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2020-6870

EUVD