Vulnerabilities > CVE-2020-6862 - Incorrect Resource Transfer Between Spheres vulnerability in ZTE F6X2W Firmware 6.0.10P2T2/6.0.10P2T5
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
LOW Integrity impact
NONE Availability impact
NONE Summary
V6.0.10P2T2 and V6.0.10P2T5 of F6x2W product are impacted by Information leak vulnerability. Unauthorized users could log in directly to obtain page information without entering a verification code.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 2 | |
Hardware | 1 |
Common Weakness Enumeration (CWE)
References
- http://packetstormsecurity.com/files/159135/ZTE-F602W-CAPTCHA-Bypass.html
- http://packetstormsecurity.com/files/159135/ZTE-F602W-CAPTCHA-Bypass.html
- http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1012162
- http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1012162