Vulnerabilities > CVE-2020-6870 - Unspecified vulnerability in ZTE Netnumen U31 R10 Firmware V12.17.20T115

CVSS 5.2 - MEDIUM

Attack vector

ADJACENT_NETWORK

Attack complexity

LOW

Privileges required

SINGLE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

low complexity

zte

NVD

Published: 2020-06-24

Updated: 2020-07-06

Summary

The version V12.17.20T115 of ZTE U31R20 product is impacted by a design error vulnerability. An attacker could exploit the vulnerability to log in to the FTP server to tamper with the password, and illegally download, modify, upload, or delete files, causing improper operation of the network management system and equipment. This affects: NetNumenU31R20 V12.17.20T115

Vulnerable Configurations

Part	Description	Count
OS	Zte ZTE Netnumen U31 R10 Firmware V12.17.20T115	1
Hardware	Zte ZTE Netnumen U31 R10 -	1

References

http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1013043