CVE-2020-6866
Description
A resource management error in specific ZTE ZXCTN 6500 versions allows an authenticated attacker to cause a denial of service via a specific command.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A resource management error in specific ZTE ZXCTN 6500 versions allows an authenticated attacker to cause a denial of service via a specific command.
Vulnerability
A resource management error vulnerability exists in ZTE's ZXCTN 6500 product in version V2.10.00R3B87 [1]. The issue can be triggered by an attacker issuing a specific command, leading to improper handling of system resources.
Exploitation
An attacker must have high privileges (e.g., administrative access) and network access to the affected device. The exploitation consists of executing the specific crafted command; no user interaction is required beyond the attacker's own actions [1].
Impact
Successful exploitation results in a denial of service (DoS) condition, rendering the device unavailable. The confidentiality and integrity of the device are not affected, but availability is impacted [1].
Mitigation
The vendor has released a fixed version V2.10.00R3B87H97 to resolve the issue [1]. Customers should upgrade their ZXCTN 6500 devices to this patched version. The advisory does not mention any workarounds for the unpatched version.
AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- ZTE/ZXCTN 6500description
- Range: = V2.10.00R3B87
Patches
0No patches discovered yet.
Vulnerability mechanics
No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.
References
1- support.zte.com.cn/support/news/LoopholeInfoDetail.aspxmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.