CVE-2020-6881

Published: Dic 21, 2020 Last Modified: Nov 21, 2024 EU-VD ID: EUVD-2020-28023 Aliases: GSD-2020-6881
ExploitDB:
Other exploit source:
Google Dorks:
HIGH 7,5
Source: [email protected]
Attack Vector: network
Attack Complexity: low
Privileges Required: none
User Interaction: none
Scope: unchanged
Confidentiality: none
Integrity: none
Availability: high
MEDIUM 5,0
Source: [email protected]
Access Vector: network
Access Complexity: low
Authentication: none
Confidentiality: none
Integrity: none
Availability: partial

Description

AI Translation Available

ZTE E8810/E8820/E8822 series routers have an MQTT DoS vulnerability, which is caused by the failure of the device to verify the validity of abnormal messages. A remote attacker could connect to the MQTT server and send an MQTT exception message to the specified device, which will cause the device to deny service. This affects:<ZXHN E8810, ZXHN E8820, ZXHN E8822><E8810 V1.0.26, E8810 V2.0.1, E8820 V1.1.3L, E8820 V2.0.13, E8822 V2.0.13>

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score
0,0023
Percentile
0,5th
Updated

EPSS Score Trend (Last 91 Days)

346

Origin Validation Error

Draft
Abstraction: Class Structure: Simple
Common Consequences
Security Scopes Affected:
Other Access Control
Potential Impacts:
Gain Privileges Or Assume Identity Varies By Context
Applicable Platforms
Technologies: Not Technology-Specific, Web Based
View CWE Details
Operating System

Zxhn E8810 Firmware by Zte

Product Information
Vendor Zte
Product Zxhn E8810 Firmware
Version 1.0.26
cpe:2.3:o:zte:zxhn_e8810_firmware:1.0.26:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Zxhn E8822 Firmware by Zte

Product Information
Vendor Zte
Product Zxhn E8822 Firmware
Version 2.0.13
cpe:2.3:o:zte:zxhn_e8822_firmware:2.0.13:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Zxhn E8820 Firmware by Zte

Product Information
Vendor Zte
Product Zxhn E8820 Firmware
Version 2.0.13
cpe:2.3:o:zte:zxhn_e8820_firmware:2.0.13:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Zxhn E8820 Firmware by Zte

Product Information
Vendor Zte
Product Zxhn E8820 Firmware
Version 1.1.3
cpe:2.3:o:zte:zxhn_e8820_firmware:1.1.3:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Zxhn E8810 Firmware by Zte

Product Information
Vendor Zte
Product Zxhn E8810 Firmware
Version 2.0.1
cpe:2.3:o:zte:zxhn_e8810_firmware:2.0.1:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
http://support.zte.com.cn/support/news/LoopholeInfoDetail.a…
Vendor Advisory
http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1014202
http://support.zte.com.cn/support/news/LoopholeInfoDetail.a…
Vendor Advisory
http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1014202