CVE-2020-6872
N/A
N/A
Summary
The server management software module of ZTE has a storage XSS vulnerability. The attacker inserts some attack codes through the foreground login page, which will cause the user to execute the predefined malicious script in the browser. This affects <R5300G4V03.08.0100/V03.07.0300/V03.07.0200/V03.07.0108/V03.07.0100/V03.05.0047/V03.05.0046/V03.05.0045/V03.05.0044/V03.05.0043/V03.05.0040/V03.04.0020;R8500G4V03.07.0103/V03.07.0101/V03.06.0100/V03.05.0400/V03.05.0020;R5500G4V03.08.0100/V03.07.0200/V03.07.0100/V03.06.0100>.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | <R5300G4?R8500G4?R5500G4> | <R5300G4V03.08.0100/V03.07.0300/V03.07.0200/V03.07.0108/V03.07.0100/V03.05.0047/V03.05.0046/V03.05.0045/V03.05.0044/V03.05.0043/V03.05.0040/V03.04.0020 | affected |
| n/a | <R5300G4?R8500G4?R5500G4> | R8500G4V03.07.0103/V03.07.0101/V03.06.0100/V03.05.0400/V03.05.0020 | affected |
| n/a | <R5300G4?R8500G4?R5500G4> | R5500G4V03.08.0100/V03.07.0200/V03.07.0100/V03.06.0100> | affected |
Weaknesses
- XSS
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.