CVE-2020-6868

There is an input validation vulnerability in a PON terminal product of ZTE, which supports the creation of WAN connections through WEB management pages. The front-end limits the length of the WAN connection name that is created, but the HTTP proxy is available to be used to bypass the limitation. An attacker can exploit the vulnerability to tamper with the parameter value. This affects: ZTE F680 V9.0.10P1N6

CVSS v3 6.5 MEDIUM
CVSS v2.0 3.3 LOW

6.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

3.3^/10

CVSS v2.0 : LOW

Vector : AV:A/AC:L/Au:N/C:N/I:P/A:N

Exploitability : 6.5 / Impact : 2.9

Access Vector ADJACENT_NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1012866	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:h:zte:f680:-:*:*:*:*:*:*:*

cpe:2.3:o:zte:f680_firmware:zxhn_f680v9.0.10p1n6:*:*:*:*:*:*:*

History

No history.

Information

Published : 2020-06-01 13:15

Updated : 2020-12-04 22:15

NVD link : CVE-2020-6868

Mitre link : CVE-2020-6868

CVE.ORG link : CVE-2020-6868

JSON object : View

Products Affected

zte

f680
f680_firmware

CWE

CWE-20

Improper Input Validation

{"id": "CVE-2020-6868", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 3.3, "accessVector": "ADJACENT_NETWORK", "vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 6.5, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2020-06-01T13:15:10.267", "references": [{"url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1012866", "tags": ["Vendor Advisory"], "source": "psirt@zte.com.cn"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "There is an input validation vulnerability in a PON terminal product of ZTE, which supports the creation of WAN connections through WEB management pages. The front-end limits the length of the WAN connection name that is created, but the HTTP proxy is available to be used to bypass the limitation. An attacker can exploit the vulnerability to tamper with the parameter value. This affects: ZTE F680 V9.0.10P1N6"}, {"lang": "es", "value": "Existe una vulnerabilidad de validaci\u00f3n de entrada en un producto terminal PON de ZTE, que soporta la creaci\u00f3n de conexiones WAN a trav\u00e9s de p\u00e1ginas de gesti\u00f3n WEB. El front-end limita la longitud del nombre de la conexi\u00f3n WAN que se crea, pero el proxy HTTP est\u00e1 disponible para ser utilizado para evitar la limitaci\u00f3n. Un atacante puede explotar la vulnerabilidad para manipular el valor del par\u00e1metro. Esto afecta: ZTE F680 V9.0.10P1N6"}], "lastModified": "2020-12-04T22:15:12.787", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:zte:f680:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B1B37CB7-FB8A-4CB6-A7D2-2CBB6B6DBCAF"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zte:f680_firmware:zxhn_f680v9.0.10p1n6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A0A7B733-B37B-40E7-8006-6C439693859E"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "psirt@zte.com.cn"}