Overview
- Description
- The version V12.17.20T115 of ZTE U31R20 product is impacted by a design error vulnerability. An attacker could exploit the vulnerability to log in to the FTP server to tamper with the password, and illegally download, modify, upload, or delete files, causing improper operation of the network management system and equipment. This affects: NetNumenU31R20 V12.17.20T115
- Source
- psirt@zte.com.cn
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 8
- Impact score
- 5.9
- Exploitability score
- 2.1
- Vector string
- CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 5.2
- Impact score
- 6.4
- Exploitability score
- 5.1
- Vector string
- AV:A/AC:L/Au:S/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zte:netnumen_u31_r10:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "7699BE39-D267-4253-94E0-32D8EE211923"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zte:netnumen_u31_r10_firmware:v12.17.20t115:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CA3C6428-9FC4-42FC-984C-D2C6F1E18C3A"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]