CVE-2020-6864

low-risk
Published 2020-02-27

ZTE E8820V3 router product is impacted by an information leak vulnerability. Attackers could use this vulnerability to to gain wireless passwords. After obtaining the wireless password, the attacker could collect information and attack the router.

Do I need to act?

-
0.09% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
6
CVSS 6.5/10 Medium
ADJACENT_NETWORK / LOW complexity

Affected Products (1)

E8820V3 Firmware

Affected Vendors

Zte

References (2)

Vendor Advisory http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1012382
Vendor Advisory http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1012382
26
/ 100
low-risk
Severity 21/34 · High
Exploitability 0/34 · Minimal
Exposure 5/34 · Minimal