CVE-2020-6868 Information

Description

ZTE’s PON terminal product is impacted by the access control vulnerability. Due to the system not performing correct access control on some program interfaces an attacker could use this vulnerability to tamper with the program interface parameters to perform unauthenticated operations. This affects: ZTE F680V9.0.10P1N6

CVSS Vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Reference

http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1012866

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

NONE

Availability Impact

HIGH

Base Score

NONE

Base Severity

6.5