#VU31825 Improper Authentication in ZTE products - CVE-2020-6871

Cybersecurity Help s.r.o.

Published: 2020-07-24

Vulnerability identifier: #VU31825

Vulnerability risk: High

CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2020-6871

CWE-ID: CWE-287

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
R5300G4
Hardware solutions / Other hardware appliances
R8500G4
Hardware solutions / Other hardware appliances
R5500G4
Hardware solutions / Other hardware appliances

Vendor: ZTE

Description

The vulnerability allows a remote attacker to bypass authentication process.

The vulnerability exists due to an error in when processing authentication requests within the server management software module. A remote attacker can bypass authentication process and execute some commands for high-level users.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

R5300G4: V03.04.0020 - V03.08.0100

R8500G4: V03.05.0020 - V03.07.0103

R5500G4: V03.06.0100 - V03.08.0100

External links
https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1013203

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in ZTE R5300G4, R8500G4, and R5500G4 devices