CVE-2020-6882 (GCVE-0-2020-6882)

Vulnerability from cvelistv5 – Published: 2020-12-21 17:18 – Updated: 2024-08-04 09:18
VLAI
Summary
ZTE E8810/E8820/E8822 series routers have an information leak vulnerability, which is caused by hard-coded MQTT service access credentials on the device. The remote attacker could use this credential to connect to the MQTT server, so as to obtain information about other devices by sending specific topics. This affects:<ZXHN E8810, ZXHN E8820, ZXHN E8822><E8810 V1.0.26, E8810 V2.0.1, E8820 V1.1.3L, E8820 V2.0.13, E8822 V2.0.13>
Severity
7.5 (High)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CWE
  • information leak
Assigner
zte
References
Impacted products
Vendor Product Version
n/a <ZXHN E8810, ZXHN E8820, ZXHN E8822> Affected: <E8810 V1.0.26, E8810 V2.0.1, E8820 V1.1.3L, E8820 V2.0.13, E8822 V2.0.13>
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T09:18:01.519Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1014202"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "\u003cZXHN E8810, ZXHN E8820, ZXHN E8822\u003e",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "\u003cE8810 V1.0.26, E8810 V2.0.1, E8820 V1.1.3L,  E8820 V2.0.13, E8822 V2.0.13\u003e"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "ZTE E8810/E8820/E8822 series routers have an information leak vulnerability, which is caused by hard-coded MQTT service access credentials on the device. The remote attacker could use this credential to connect to the MQTT server, so as to obtain information about other devices by sending specific topics. This affects:\u003cZXHN E8810, ZXHN E8820, ZXHN E8822\u003e\u003cE8810 V1.0.26, E8810 V2.0.1, E8820 V1.1.3L, E8820 V2.0.13, E8822 V2.0.13\u003e"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "information leak",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-12-21T17:18:42.000Z",
        "orgId": "6786b568-6808-4982-b61f-398b0d9679eb",
        "shortName": "zte"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1014202"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@zte.com.cn",
          "ID": "CVE-2020-6882",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "\u003cZXHN E8810, ZXHN E8820, ZXHN E8822\u003e",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "\u003cE8810 V1.0.26, E8810 V2.0.1, E8820 V1.1.3L,  E8820 V2.0.13, E8822 V2.0.13\u003e"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ZTE E8810/E8820/E8822 series routers have an information leak vulnerability, which is caused by hard-coded MQTT service access credentials on the device. The remote attacker could use this credential to connect to the MQTT server, so as to obtain information about other devices by sending specific topics. This affects:\u003cZXHN E8810, ZXHN E8820, ZXHN E8822\u003e\u003cE8810 V1.0.26, E8810 V2.0.1, E8820 V1.1.3L, E8820 V2.0.13, E8822 V2.0.13\u003e"
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "information leak"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1014202",
              "refsource": "MISC",
              "url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1014202"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6786b568-6808-4982-b61f-398b0d9679eb",
    "assignerShortName": "zte",
    "cveId": "CVE-2020-6882",
    "datePublished": "2020-12-21T17:18:42.000Z",
    "dateReserved": "2020-01-13T00:00:00.000Z",
    "dateUpdated": "2024-08-04T09:18:01.519Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2020-6882",
      "date": "2026-06-03",
      "epss": "0.00319",
      "percentile": "0.55283"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2020-6882\",\"sourceIdentifier\":\"psirt@zte.com.cn\",\"published\":\"2020-12-21T18:15:16.790\",\"lastModified\":\"2024-11-21T05:36:20.817\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"ZTE E8810/E8820/E8822 series routers have an information leak vulnerability, which is caused by hard-coded MQTT service access credentials on the device. The remote attacker could use this credential to connect to the MQTT server, so as to obtain information about other devices by sending specific topics. This affects:\u003cZXHN E8810, ZXHN E8820, ZXHN E8822\u003e\u003cE8810 V1.0.26, E8810 V2.0.1, E8820 V1.1.3L, E8820 V2.0.13, E8822 V2.0.13\u003e\"},{\"lang\":\"es\",\"value\":\"Los enrutadores de la serie ZTE E8810/E8820/E8822, presentan una vulnerabilidad de filtraci\u00f3n de informaci\u00f3n, que es causada por unas credenciales de acceso al servicio MQTT embebidas en el dispositivo.\u0026#xa0;El atacante remoto podr\u00eda usar esta credencial para conectarse al servidor MQTT, con el fin de conseguir informaci\u00f3n sobre otros dispositivos mediante el env\u00edo de temas espec\u00edficos.\u0026#xa0;Esto afecta a: (ZXHN versi\u00f3n E8810, ZXHN versi\u00f3n E8820, ZXHN versi\u00f3n E8822)(E8810 versi\u00f3n V1.0.26, E8810 versi\u00f3n V2.0.1, E8820 versi\u00f3n V1.1.3L, E8820 versi\u00f3n V2.0.13, E8822 versi\u00f3n V2.0.13)\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-798\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zte:zxhn_e8810_firmware:1.0.26:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0FAEA9B3-F419-4BBC-804A-A4AF940D04E0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zte:zxhn_e8810_firmware:2.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BEA58C25-152D-4FC0-BFD6-CF83E1592F6C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zte:zxhn_e8810:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C4CD17E-7D74-496D-A940-5EE0384F9F32\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zte:zxhn_e8820_firmware:1.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B724E3DB-7BEF-4CBD-9993-E15D76769326\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zte:zxhn_e8820_firmware:2.0.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"89832348-13C9-4517-BD37-1809F470A459\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zte:zxhn_e8820:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD8076BD-BDA8-4D23-9C64-9B943758A753\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zte:zxhn_e8822_firmware:2.0.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"113C6C70-0972-430F-B204-F680570A04C4\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zte:zxhn_e8822:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"878579E1-99D8-4BE0-858E-38A4B1A94FEC\"}]}]}],\"references\":[{\"url\":\"http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1014202\",\"source\":\"psirt@zte.com.cn\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1014202\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.





Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.


Detection rules are retrieved from Rulezet.