CVE-2020-6864

Severity Score

6.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

ZTE E8820V3 router product is impacted by an information leak vulnerability. Attackers could use this vulnerability to to gain wireless passwords. After obtaining the wireless password, the attacker could collect information and attack the router.

El producto enrutador ZTE E8820V3 está afectado por una vulnerabilidad de filtrado de información. Los atacantes podrían usar esta vulnerabilidad para conseguir contraseñas del wireless. Después de obtener la contraseña del wireless el atacante podría recopilar información y atacar el enrutador.

*Credits: N/A

Attack Vector

Adjacent

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

None

Attack Vector

Adjacent

Attack Complexity

Low

Authentication

None

Confidentiality

Partial

Integrity

None

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2020-01-13 CVE Reserved
2020-02-27 CVE Published
2023-11-29 EPSS Updated
2024-08-04 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (1)

URL	Tag	Source

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1012382	2021-07-21

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Zte Search vendor "Zte"	E8820v3 Firmware Search vendor "Zte" for product "E8820v3 Firmware"	< 3.1.0.1000.5 Search vendor "Zte" for product "E8820v3 Firmware" and version " < 3.1.0.1000.5"	-	Affected	in	Zte Search vendor "Zte"	E8820v3 Search vendor "Zte" for product "E8820v3"	-	-	Safe