Information Leak Vulnerability in ZTE F6x2W

Original release date: 13 January, 2020

 

CVE ID

CVE-2020-6862

 

CVSS 3.0 Base Score

3.1 Low AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

 

Description

V6.0.10P2T2 and V6.0.10P2T5 of F6x2W product are impacted by Information leak vulnerability. Unauthorized users could log in directly to obtain page information without entering a verification code. 

 

Affected Products and Fixes

产品名称

受影响版本号

修复版本号

F6x2W

 V6.0.10P2T2V6.0.10P2T5

V6.0.10P2T13

 

 

Credit

ZTE thanks Hritik Vijay for submitting a vulnerability of ZTE F6x2W to ZTE PSIRT.

 

Update Records

13 January, 2020, initial.

 

Supporting team contacts

1.  ZTE GCSC hotline:

0755-26770800

800-830-1118

400-830-1118

2.  Product forum at ZTE Support website.

 

ZTE PSIRT

If you need to report security vulnerabilities related to ZTE products, or get ZTE product security incident response service and vulnerability information, please contact ZTE PSIRT: psirt@zte.com.cn, PGP key ID: FF095577.

[Close]