exploitDog

CVE-2020-6870

Опубликовано: 24 июн. 2020

Источник: nvd

CVSS3: 8

CVSS2: 5.2

EPSS Низкий

Описание

The version V12.17.20T115 of ZTE U31R20 product is impacted by a design error vulnerability. An attacker could exploit the vulnerability to log in to the FTP server to tamper with the password, and illegally download, modify, upload, or delete files, causing improper operation of the network management system and equipment. This affects: NetNumenU31R20 V12.17.20T115

Ссылки

http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1013043
Vendor Advisory
http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1013043
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:zte:netnumen_u31_r10_firmware:v12.17.20t115:*:*:*:*:*:*:*

cpe:2.3:h:zte:netnumen_u31_r10:-:*:*:*:*:*:*:*

EPSS

Процентиль: 35%

0.00143

Низкий

8 High

CVSS3

5.2 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-93v6-m8fp-hm8p

github

больше 3 лет назад

The version V12.17.20T115 of ZTE U31R20 product is impacted by a design error vulnerability. An attacker could exploit the vulnerability to log in to the FTP server to tamper with the password, and illegally download, modify, upload, or delete files, causing improper operation of the network management system and equipment. This affects: NetNumenU31R20 V12.17.20T115

EPSS

Процентиль: 35%

0.00143

Низкий

8 High

CVSS3

5.2 Medium

CVSS2

Дефекты

NVD-CWE-Other