Vulnerability Details : CVE-2020-6870
The version V12.17.20T115 of ZTE U31R20 product is impacted by a design error vulnerability. An attacker could exploit the vulnerability to log in to the FTP server to tamper with the password, and illegally download, modify, upload, or delete files, causing improper operation of the network management system and equipment. This affects: NetNumenU31R20 V12.17.20T115
Products affected by CVE-2020-6870
- cpe:2.3:o:zte:netnumen_u31_r10_firmware:v12.17.20t115:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2020-6870
0.08%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 31 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2020-6870
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.2
|
MEDIUM | AV:A/AC:L/Au:S/C:P/I:P/A:P |
5.1
|
6.4
|
NIST | |
8.0
|
HIGH | CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
2.1
|
5.9
|
NIST |
References for CVE-2020-6870
-
http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1013043
Security Bulletin DetailsVendor Advisory
Jump to