CVE-2020-6873

CVE-2020-6873 is a medium-severity vulnerability in Zte Zxr10 2800-4 Almpufb(low) Firmware with a CVSS 3.x base score of 5.3. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low.

Key facts

Description

A ZTE product has a DoS vulnerability. Because the equipment couldn’t distinguish the attack packets and normal packets with valid http links, the remote attackers could use this vulnerability to cause the equipment WEB/TELNET module denial of service and make the equipment be out of management. This affects: ZXR10 2800-4_ALMPUFB(LOW), all versions up to V3.00.40.

Frequently asked questions

What is CVE-2020-6873?
A ZTE product has a DoS vulnerability. Because the equipment couldn’t distinguish the attack packets and normal packets with valid http links, the remote attackers could use this vulnerability to cause the equipment WEB/TELNET module denial of service and make the equipment be out of management. This affects: ZXR10 2800-4_ALMPUFB(LOW), all versions up to V3.00.40.
How severe is CVE-2020-6873?
CVE-2020-6873 has a CVSS 3.x base score of 5.3, rated medium severity. It is exploitable over network with low attack complexity, requires no privileges and no user interaction. Impact on confidentiality is none, integrity none, and availability low.
Is CVE-2020-6873 being actively exploited?
It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 1% (66th percentile), an estimate of the probability of exploitation in the next 30 days.
What products are affected by CVE-2020-6873?
CVE-2020-6873 affects Zte Zxr10 2800-4 Almpufb(low) Firmware. See the affected-products list for the exact vulnerable versions.
How do I fix CVE-2020-6873?
Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
When was CVE-2020-6873 published?
CVE-2020-6873 was published on 2020-09-01 and last updated on 2026-06-17.

References

Affected products (1)