exploitDog

CVE-2020-6875

Опубликовано: 05 окт. 2020

Источник: nvd

CVSS3: 9.8

CVSS2: 5

EPSS Низкий

Описание

A ZTE product is impacted by the improper access control vulnerability. Due to lack of an authentication protection mechanism in the program, attackers could use this vulnerability to gain access right through brute-force attacks. This affects: <ZXONE 19700 SNPE><ZXONE8700V1.40R2B13_SNPE>

Ссылки

http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1013643
Vendor Advisory
http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1013643
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:zte:zxone_19700_snpe_firmware:zxone8700v1.40r2b13_snpe:*:*:*:*:*:*:*

cpe:2.3:h:zte:zxone_19700_snpe:-:*:*:*:*:*:*:*

EPSS

Процентиль: 49%

0.00257

Низкий

9.8 Critical

CVSS3

5 Medium

CVSS2

Дефекты

CWE-306

Связанные уязвимости

GHSA-jrc6-wgvp-2f2r

github

больше 3 лет назад

A ZTE product is impacted by the improper access control vulnerability. Due to lack of an authentication protection mechanism in the program, attackers could use this vulnerability to gain access right through brute-force attacks. This affects: <ZXONE 19700 SNPE><ZXONE8700V1.40R2B13_SNPE>

EPSS

Процентиль: 49%

0.00257

Низкий

9.8 Critical

CVSS3

5 Medium

CVSS2

Дефекты

CWE-306