PT-2020-19282 · Zte · Netnumenu31R20+1

Published

2020-06-24

Updated

2020-07-06

CVE-2020-6870

CVSS v3.1

8.0

High

Vector

AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions ZTE U31R20 version V12.17.20T115 NetNumenU31R20 version V12.17.20T115

Description A design error vulnerability allows an attacker to exploit the issue and log in to the FTP server. This could lead to tampering with the password and unauthorized file operations, including downloading, modifying, uploading, or deleting files. The exploitation of this issue can cause improper operation of the network management system and equipment.

Recommendations For ZTE U31R20 version V12.17.20T115, consider restricting access to the FTP server until a fix is available. For NetNumenU31R20 version V12.17.20T115, restrict access to the FTP server until a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2020-6870

Affected Products

Netnumenu31R20

Zte U31R20

PT-2020-19282 · Zte · Netnumenu31R20+1

CVE-2020-6870

Related Identifiers

Affected Products

References · 3