CVE-2020-6881

Published: Dec 21, 2020Modified: Jun 17, 2026

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

ZTE E8810/E8820/E8822 series routers have an MQTT DoS vulnerability, which is caused by the failure of the device to verify the validity of abnormal messages. A remote attacker could connect to the MQTT server and send an MQTT exception message to the specified device, which will cause the device to deny service. This affects:<ZXHN E8810, ZXHN E8820, ZXHN E8822><E8810 V1.0.26, E8810 V2.0.1, E8820 V1.1.3L, E8820 V2.0.13, E8822 V2.0.13>

Affected (5)

Products: Zte: Zxhn E8810 Firmware, Zxhn E8820 Firmware, Zxhn E8822 Firmware

3 products

Configuration A

2 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zte Zxhn E8810 Firmware	Version 1.0.26
Zte Zxhn E8810 Firmware	Version 2.0.1

Running on/with	Platform Versions
Zte Zxhn E8810	All versions

Configuration B

2 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zte Zxhn E8820 Firmware	Version 1.1.3
Zte Zxhn E8820 Firmware	Version 2.0.13

Running on/with	Platform Versions
Zte Zxhn E8820	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zte Zxhn E8822 Firmware	Version 2.0.13

Running on/with	Platform Versions
Zte Zxhn E8822	All versions

Related CWEs

CWE-346

Origin Validation Error

The product does not properly verify that the source of data or communication is valid.

References (2)

http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1014202

Source: psirt@zte.com.cn

Vendor Advisory

http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1014202

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.