Vulnerability Description
A ZTE product has a DoS vulnerability. Because the equipment couldn’t distinguish the attack packets and normal packets with valid http links, the remote attackers could use this vulnerability to cause the equipment WEB/TELNET module denial of service and make the equipment be out of management. This affects: ZXR10 2800-4_ALMPUFB(LOW), all versions up to V3.00.40.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Zte | Zxr10 2800-4 Almpufb\(Low\) Firmware | <= 3.00.40 |
| Zte | Zxr10 2800-4 Almpufb\(Low\) | - |
References
- http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1013403Vendor Advisory
- http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1013403Vendor Advisory
FAQ
What is CVE-2020-6873?
CVE-2020-6873 is a vulnerability with a CVSS score of 5.3 (MEDIUM). A ZTE product has a DoS vulnerability. Because the equipment couldn’t distinguish the attack packets and normal packets with valid http links, the remote attackers could use this vulnerability to caus...
How severe is CVE-2020-6873?
CVE-2020-6873 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-6873?
Check the references section above for vendor advisories and patch information. Affected products include: Zte Zxr10 2800-4 Almpufb\(Low\) Firmware, Zte Zxr10 2800-4 Almpufb\(Low\).