Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2020-6881

Опубликовано: 21 дек. 2020
Источник: nvd
CVSS3: 7.5
CVSS2: 5
EPSS Низкий

Описание

ZTE E8810/E8820/E8822 series routers have an MQTT DoS vulnerability, which is caused by the failure of the device to verify the validity of abnormal messages. A remote attacker could connect to the MQTT server and send an MQTT exception message to the specified device, which will cause the device to deny service. This affects:<ZXHN E8810, ZXHN E8820, ZXHN E8822><E8810 V1.0.26, E8810 V2.0.1, E8820 V1.1.3L, E8820 V2.0.13, E8822 V2.0.13>

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:o:zte:zxhn_e8810_firmware:1.0.26:*:*:*:*:*:*:*
cpe:2.3:o:zte:zxhn_e8810_firmware:2.0.1:*:*:*:*:*:*:*
cpe:2.3:h:zte:zxhn_e8810:-:*:*:*:*:*:*:*
Конфигурация 2

Одновременно

Одно из

cpe:2.3:o:zte:zxhn_e8820_firmware:1.1.3:*:*:*:*:*:*:*
cpe:2.3:o:zte:zxhn_e8820_firmware:2.0.13:*:*:*:*:*:*:*
cpe:2.3:h:zte:zxhn_e8820:-:*:*:*:*:*:*:*
Конфигурация 3

Одновременно

cpe:2.3:o:zte:zxhn_e8822_firmware:2.0.13:*:*:*:*:*:*:*
cpe:2.3:h:zte:zxhn_e8822:-:*:*:*:*:*:*:*

EPSS

Процентиль: 45%
0.00227
Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-346

Связанные уязвимости

github логотип

GHSA-f6c6-g5xq-fvm6

github
больше 3 лет назад

ZTE E8810/E8820/E8822 series routers have an MQTT DoS vulnerability, which is caused by the failure of the device to verify the validity of abnormal messages. A remote attacker could connect to the MQTT server and send an MQTT exception message to the specified device, which will cause the device to deny service. This affects:<ZXHN E8810, ZXHN E8820, ZXHN E8822><E8810 V1.0.26, E8810 V2.0.1, E8820 V1.1.3L, E8820 V2.0.13, E8822 V2.0.13>

EPSS

Процентиль: 45%
0.00227
Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-346