First published: Tue Sep 01 2020(Updated: )
A ZTE product is impacted by the cryptographic issues vulnerability. The encryption algorithm is not properly used, so remote attackers could use this vulnerability for account credential enumeration attack or brute-force attack for password guessing. This affects: ZXIPTV, ZXIPTV-WEB-PV5.09.08.04.
Credit: psirt@zte.com.cn
Affected Software | Affected Version | How to fix |
---|---|---|
Zte Zxiptv Firmware | =zxiptv-web-pv5.09.08.04 | |
Zte Zxiptv |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-6874 is a vulnerability in a ZTE product that is impacted by cryptographic issues.
The severity of CVE-2020-6874 is critical with a CVSS score of 9.1.
The ZTE products affected by CVE-2020-6874 are ZXIPTV and ZXIPTV-WEB-PV5.09.08.04.
Remote attackers could use CVE-2020-6874 for account credential enumeration attack or brute-force attack for password guessing.
To fix CVE-2020-6874, it is recommended to update the affected ZTE product to a patched version.