|
Original release date: June 24, 2020 CVE ID CVE-2020-6870 CVSS 3.1 Base Score 8.2 High (AV:A/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:H) Description The version V12.17.20T115 of ZTE U31R20 product is impacted by a design error vulnerability. An attacker could exploit the vulnerability to log in to the FTP server to tamper with the password, and illegally download, modify, upload, or delete files, causing improper operation of the network management system and equipment. Affected Products and Fixes Product Name | Affected Version | Resolved Version | NetNumenU31R20 | V12.17.20T115 | V12.18.20T135 |
Source The vulnerability was found by ZTE's internal test. Update Records June 24, 2020, initial. Supporting team contacts 1. ZTE GCSC hotline: 0755-26770800 800-830-1118 400-830-1118 2. Product forum at ZTE Support website. ZTE PSIRT If you need to report security vulnerabilities related to ZTE products, or get ZTE product security incident response service and vulnerability information, please contact ZTE PSIRT: psirt@zte.com.cn, PGP key ID: FF095577.
|