Statement of Vulnerabilities in ZTE E8810/E8820/E8822 Series Routers

Original release date:  December 17, 2020

 

 

Statement

External researchers Xu Huikai (kverse) and Yu Miao (re.about) reported two vulnerabilities in the E8810/E8820/E8822 series routers to ZTE PSIRT.

After analysis, we confirmed that there are two vulnerabilities in E8810/E8820/E8822 series routers. 

CVE-2020-6881: 5.9 Medium (AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)

ZTE E8810/E8820/E8822 series routers have an MQTT DoS vulnerability, which is caused by the failure of the device to verify the validity of abnormal messages. A remote attacker could connect to the MQTT server and send an MQTT exception message to the specified device, which will cause the device to deny service.

CVE-2020-6882: 6.8 medium (AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N)

ZTE E8810/E8820/E8822 series routers have an information leak vulnerability, which is caused by hard-coded MQTT service access credentials on the device. The remote attacker could use this credential to connect to the MQTT server, so as to obtain information about other devices by sending specific topics.

 

Affected Products and Fixes

Product Name

Affected Version

Resolved Version

ZXHN E8810

E8810 V1.0.26, E8810 V2.0.1

已退市

ZXHN E8820

E8820 V1.1.3, E8820 V2.0.13

E8820 V2.0.14

ZXHN E8822

E8822 V2.0.13

E8822 V2.0.14

ZTE recommends that users upgrade to the latest versions or choose our later product (ZXHN E500 or ZXHN E1600) for better security.

 

Acknowledgement

Thanks to Tsinghua University(Institue for Network Sciences and Cyberspace)-QI-ANXIN GROUP Joint Research Center for Network Security, Xu Huikai (kverse) and Yu Miao (re.about) for reporting the security vulnerabilities to ZTE PSIRT.

 

Update Records

December 17, 2020, initial.

July 2, 2021, updated Affected Products and Fixes
 

 

Supporting team contacts

1. ZTE GCSC hotline:

0755-26770800

800-830-1118

400-830-1118

2. Product forum at ZTE Support website.

 

ZTE PSIRT

If you need to report security vulnerabilities related to ZTE products, or get ZTE product security incident response service and vulnerability information, please contact ZTE PSIRT: psirt@zte.com.cn, PGP key ID: FF095577.

[Close]