CVE-2020-6881
HIGHZTE ZXHN E8810/E8820/E8822 Firmware - Denial of Service via MQTT Message Handling
Title source: llmDescription
ZTE E8810/E8820/E8822 series routers have an MQTT DoS vulnerability, which is caused by the failure of the device to verify the validity of abnormal messages. A remote attacker could connect to the MQTT server and send an MQTT exception message to the specified device, which will cause the device to deny service. This affects:<ZXHN E8810, ZXHN E8820, ZXHN E8822><E8810 V1.0.26, E8810 V2.0.1, E8820 V1.1.3L, E8820 V2.0.13, E8822 V2.0.13>
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1014202
Scores
CVSS v3
7.5
EPSS
0.0023
EPSS Percentile
45.4%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-346
Status
published
Products (5)
zte/zxhn_e8810_firmware
1.0.26
zte/zxhn_e8810_firmware
2.0.1
zte/zxhn_e8820_firmware
1.1.3
zte/zxhn_e8820_firmware
2.0.13
zte/zxhn_e8822_firmware
2.0.13
Published
Dec 21, 2020
Tracked Since
Feb 18, 2026