CVE-2020-6864

MEDIUM

ZTE E8820V3 Firmware < 3.1.0.1000.5 - Information Disclosure

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2020-6864. PoCs published by gigachadusers.

AI-analyzed exploit summary The provided code is a network scanner that checks for the presence of the 'X-Content-Type-Options: nosniff' header in HTTP responses, which is a detection method for CVE-2020-6864. It does not exploit the vulnerability but scans a range of IPs to identify potentially vulnerable systems.

Description

ZTE E8820V3 router product is impacted by an information leak vulnerability. Attackers could use this vulnerability to to gain wireless passwords. After obtaining the wireless password, the attacker could collect information and attack the router.

Exploits (1)

nomisec SCANNER

by gigachadusers · poc

https://github.com/gigachadusers/cve-2020-6864

View Code ZIP pw:eip

The provided code is a network scanner that checks for the presence of the 'X-Content-Type-Options: nosniff' header in HTTP responses, which is a detection method for CVE-2020-6864. It does not exploit the vulnerability but scans a range of IPs to identify potentially vulnerable systems.

Classification

Scanner 95%

Attack Type

Info Leak

Complexity

Moderate

Reliability

Reliable

Target: Unknown (scanner for CVE-2020-6864)

No auth needed

Prerequisites: Network access to target IPs · Winsock2 library

MITRE ATT&CK

T1005 - Data from Local System T1552 - Unsecured Credentials

devstral-2 · analyzed Apr 14, 2026 Full analysis →

References (1)

Core 1

Core References

Vendor Advisory x_refsource_confirm

http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1012382

Scores

CVSS v3 6.5

EPSS 0.0054

EPSS Percentile 40.9%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

Status published

Products (1)

zte/e8820v3_firmware < 3.1.0.1000.5

Published Feb 27, 2020

Tracked Since Feb 18, 2026