Vulnerabilities > CVE-2020-6870 - Unspecified vulnerability in ZTE Netnumen U31 R10 Firmware V12.17.20T115

CVSS 8.0 - HIGH

Attack vector

ADJACENT_NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

low complexity

zte

NVD

Published: 2020-06-24

Updated: 2020-07-06

Summary

The version V12.17.20T115 of ZTE U31R20 product is impacted by a design error vulnerability. An attacker could exploit the vulnerability to log in to the FTP server to tamper with the password, and illegally download, modify, upload, or delete files, causing improper operation of the network management system and equipment. This affects: NetNumenU31R20 V12.17.20T115

Vulnerable Configurations

Part	Description	Count
OS	Zte ZTE Netnumen U31 R10 Firmware V12.17.20T115	1
Hardware	Zte ZTE Netnumen U31 R10 -	1

References

http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1013043