| |
Vulnerability CVE-2020-6868
Published: 2020-06-01
| Description: |
ZTE's PON terminal product is impacted by the access control vulnerability. Due to the system not performing correct access control on some program interfaces, an attacker could use this vulnerability to tamper with the program interface parameters to perform unauthenticated operations. This affects: <ZTE F680><V9.0.10P1N6> |
Type:
CWE-20 (Improper Input Validation)
CVSS2 => (AV:A/AC:L/Au:N/C:N/I:P/A:N)
| CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
3.3/10 |
2.9/10 |
6.5/10 |
| Exploit range |
Attack complexity |
Authentication |
Adjacent network |
Low |
No required |
| Confidentiality impact |
Integrity impact |
Availability impact |
None |
Partial |
None |
References: |
http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1012866
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
