Unrated severityNVD Advisory· Published Jul 20, 2020· Updated Aug 4, 2024
CVE-2020-6872
CVE-2020-6872
Description
The server management software module of ZTE has a storage XSS vulnerability. The attacker inserts some attack codes through the foreground login page, which will cause the user to execute the predefined malicious script in the browser. This affects <R5300G4V03.08.0100/V03.07.0300/V03.07.0200/V03.07.0108/V03.07.0100/V03.05.0047/V03.05.0046/V03.05.0045/V03.05.0044/V03.05.0043/V03.05.0040/V03.04.0020;R8500G4V03.07.0103/V03.07.0101/V03.06.0100/V03.05.0400/V03.05.0020;R5500G4V03.08.0100/V03.07.0200/V03.07.0100/V03.06.0100>.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- ZTE/server management softwaredescription
- Range: Multiple versions for R5300G4, R8500G4, R5500G4
Patches
Vulnerability mechanics
References
1- support.zte.com.cn/support/news/LoopholeInfoDetail.aspxmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.