Permission and Access Control Vulnerability in ZTE E8820V3 Router
CVE-2020-6863

6.5MEDIUM

Key Information:

Vendor: Zte Corporation
Status: E8820v3
Vendor: CVE Published:; 27 February 2020

🔔 Create Zte Corporation Vulnerability Alert

What is CVE-2020-6863?

The ZTE E8820V3 router is affected by a permission and access control vulnerability that allows unauthorized users to manipulate Dynamic Domain Name System (DDNS) configurations. This flaw could enable attackers to alter DDNS parameters, leading to potential disruption of services or denial of service (DoS) attacks against targeted URLs. Proper patching and security measures are recommended to mitigate these risks.

Affected Version(s)

E8820V3 All versions up to V3.1.0.1000.4

References

http://support.zte.com.cn/support/news/LoopholeInfoDetail...

x_refsource_CONFIRM

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 27, 2020
Vulnerability Reserved
Jan 13, 2020