CVE ID: CVE-2020-6870 CVSS 3.1 Base Score: 8.2 High Description: - Version V12.17.20T115 of ZTE U31R20 product is impacted by a design error vulnerability. An attacker could exploit the vulnerability to log in to the FTP server to tamper with the password, and illegally download, modify, upload, or delete files, causing improper operation of the network management system and equipment. Affected Products and Fixes: - Source: - The vulnerability was found by ZTE's internal test. Update Records: - June 24, 2020, initial. Supporting team contacts: - ZTE GCSC hotline: 0755-26770800, 800-830-1118, 400-830-1118 - Product forum at ZTE Support website.