CVE-2020-6879 - OpenCVE

Some ZTE devices have input verification vulnerabilities. The devices support configuring a static prefix through the web management page. The restriction of the front-end code can be bypassed by constructing a POST request message and sending the request to the creation of a static routing rule configuration interface. The WEB service backend fails to effectively verify the abnormal input. As a result, the attacker can successfully use the vulnerability to tamper parameter values. This affects: ZXHN Z500 V1.0.0.2B1.1000 and ZXHN F670L V1.1.10P1N2E. This is fixed in ZXHN Z500 V1.0.1.1B1.1000 and ZXHN F670L V1.1.10P2N2.

No CVSS v4.0

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Adjacent Network

Access Complexity Low

Authentication Single

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:A/AC:L/Au:S/C:N/I:P/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Zte	Zxhn F670l Zxhn F670l Firmware Zxhn Z500 Zxhn Z500 Firmware

Configuration 1 [-]

AND

cpe:2.3:h:zte:zxhn_z500:-:*:*:*:*:*:*:*

cpe:2.3:o:zte:zxhn_z500_firmware:v1.0.0.2b1.1000:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:h:zte:zxhn_f670l:-:*:*:*:*:*:*:*

cpe:2.3:o:zte:zxhn_f670l_firmware:v1.1.10p1n2e:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1013922

History

No history.

MITRE

Status: PUBLISHED

Assigner: zte

Published: 2020-11-19T16:35:23

Updated: 2024-08-04T09:11:05.146Z

Reserved: 2020-01-13T00:00:00

Link: CVE-2020-6879

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2020-11-19T17:15:13.420

Modified: 2020-12-02T21:13:28.577

Link: CVE-2020-6879

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "ZXHN Z500", "vendor": "n/a", "versions": [{"status": "affected", "version": "Affects: V1.0.0.2B1.1000"}, {"status": "affected", "version": "Fixed: V1.0.1.1B1.1000"}]}, {"product": "ZXHN F670L", "vendor": "n/a", "versions": [{"status": "affected", "version": "Affects: V1.1.10P1N2E"}, {"status": "affected", "version": "Fixed: V1.1.10P2N2"}]}], "descriptions": [{"lang": "en", "value": "Some ZTE devices have input verification vulnerabilities. The devices support configuring a static prefix through the web management page. The restriction of the front-end code can be bypassed by constructing a POST request message and sending the request to the creation of a static routing rule configuration interface. The WEB service backend fails to effectively verify the abnormal input. As a result, the attacker can successfully use the vulnerability to tamper parameter values. This affects: ZXHN Z500 V1.0.0.2B1.1000 and ZXHN F670L V1.1.10P1N2E. This is fixed in ZXHN Z500 V1.0.1.1B1.1000 and ZXHN F670L V1.1.10P2N2."}], "problemTypes": [{"descriptions": [{"description": "input verification", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-11-19T16:35:23", "orgId": "6786b568-6808-4982-b61f-398b0d9679eb", "shortName": "zte"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1013922"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@zte.com.cn", "ID": "CVE-2020-6879", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "ZXHN Z500", "version": {"version_data": [{"version_value": "Affects: V1.0.0.2B1.1000"}, {"version_value": "Fixed: V1.0.1.1B1.1000"}]}}, {"product_name": "ZXHN F670L", "version": {"version_data": [{"version_value": "Affects: V1.1.10P1N2E"}, {"version_value": "Fixed: V1.1.10P2N2"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Some ZTE devices have input verification vulnerabilities. The devices support configuring a static prefix through the web management page. The restriction of the front-end code can be bypassed by constructing a POST request message and sending the request to the creation of a static routing rule configuration interface. The WEB service backend fails to effectively verify the abnormal input. As a result, the attacker can successfully use the vulnerability to tamper parameter values. This affects: ZXHN Z500 V1.0.0.2B1.1000 and ZXHN F670L V1.1.10P1N2E. This is fixed in ZXHN Z500 V1.0.1.1B1.1000 and ZXHN F670L V1.1.10P2N2."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "input verification"}]}]}, "references": {"reference_data": [{"name": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1013922", "refsource": "MISC", "url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1013922"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T09:11:05.146Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1013922"}]}]}, "cveMetadata": {"assignerOrgId": "6786b568-6808-4982-b61f-398b0d9679eb", "assignerShortName": "zte", "cveId": "CVE-2020-6879", "datePublished": "2020-11-19T16:35:23", "dateReserved": "2020-01-13T00:00:00", "dateUpdated": "2024-08-04T09:11:05.146Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:zte:zxhn_z500:-:*:*:*:*:*:*:*", "matchCriteriaId": "6733C2DF-7974-4552-8A32-381D4030629B", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:zte:zxhn_z500_firmware:v1.0.0.2b1.1000:*:*:*:*:*:*:*", "matchCriteriaId": "BFCCD8D8-9A70-4F84-A57B-AE615DEB5025", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:zte:zxhn_f670l:-:*:*:*:*:*:*:*", "matchCriteriaId": "0FA91D9C-2F8C-4567-887F-CD9C39045B5E", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:zte:zxhn_f670l_firmware:v1.1.10p1n2e:*:*:*:*:*:*:*", "matchCriteriaId": "01DC21FE-715F-4950-811E-376F5648315E", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Some ZTE devices have input verification vulnerabilities. The devices support configuring a static prefix through the web management page. The restriction of the front-end code can be bypassed by constructing a POST request message and sending the request to the creation of a static routing rule configuration interface. The WEB service backend fails to effectively verify the abnormal input. As a result, the attacker can successfully use the vulnerability to tamper parameter values. This affects: ZXHN Z500 V1.0.0.2B1.1000 and ZXHN F670L V1.1.10P1N2E. This is fixed in ZXHN Z500 V1.0.1.1B1.1000 and ZXHN F670L V1.1.10P2N2."}, {"lang": "es", "value": "Algunos dispositivos ZTE presentan vulnerabilidades de comprobaci\u00f3n de entrada. Los dispositivos admiten la configuraci\u00f3n de un prefijo est\u00e1tico por medio de la p\u00e1gina de administraci\u00f3n web. La restricci\u00f3n del c\u00f3digo de front-end se puede omitir al construir un mensaje de petici\u00f3n POST y mediante el env\u00edo de la petici\u00f3n a la creaci\u00f3n de una interfaz de configuraci\u00f3n de reglas de enrutamiento est\u00e1tico. El backend del servicio WEB no puede verificar eficazmente la entrada anormal. Como resultado, el atacante puede usar con \u00e9xito la vulnerabilidad para alterar los valores de los par\u00e1metros. Esto afecta a: ZXHN Z500 V1.0.0.2B1.1000 y ZXHN F670L V1.1.10P1N2E. Esto se corrige en ZXHN Z500 V1.0.1.1B1.1000 y ZXHN F670L V1.1.10P2N2"}], "id": "CVE-2020-6879", "lastModified": "2020-12-02T21:13:28.577", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 2.7, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:A/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 5.1, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "NONE", "baseScore": 3.5, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.1, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-11-19T17:15:13.420", "references": [{"source": "psirt@zte.com.cn", "tags": ["Vendor Advisory"], "url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1013922"}], "sourceIdentifier": "psirt@zte.com.cn", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}