1. Home
  2. CVE Database
  3. CVE-2020-6882
HIGH · 7.5

CVE-2020-6882

ZTE E8810/E8820/E8822 series routers have an information leak vulnerability, which is caused by hard-coded MQTT service access credentials on the device. The remote attacker could use this credential ...

Vulnerability Description

ZTE E8810/E8820/E8822 series routers have an information leak vulnerability, which is caused by hard-coded MQTT service access credentials on the device. The remote attacker could use this credential to connect to the MQTT server, so as to obtain information about other devices by sending specific topics. This affects:<ZXHN E8810, ZXHN E8820, ZXHN E8822><E8810 V1.0.26, E8810 V2.0.1, E8820 V1.1.3L, E8820 V2.0.13, E8822 V2.0.13>

CVSS Score

7.5

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
ZteZxhn E8810 Firmware1.0.26
ZteZxhn E8810-
ZteZxhn E8820 Firmware1.1.3
ZteZxhn E8820-
ZteZxhn E8822 Firmware2.0.13
ZteZxhn E8822-

Related Weaknesses (CWE)

CWE-798

References

FAQ

What is CVE-2020-6882?

CVE-2020-6882 is a vulnerability with a CVSS score of 7.5 (HIGH). ZTE E8810/E8820/E8822 series routers have an information leak vulnerability, which is caused by hard-coded MQTT service access credentials on the device. The remote attacker could use this credential ...

How severe is CVE-2020-6882?

CVE-2020-6882 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2020-6882?

Check the references section above for vendor advisories and patch information. Affected products include: Zte Zxhn E8810 Firmware, Zte Zxhn E8810, Zte Zxhn E8820 Firmware, Zte Zxhn E8820, Zte Zxhn E8822 Firmware.