CVE-2020-25988

Sažetak

UPNP Service listening on port 5555 in Genexis Platinum 4410 Router V2.1 (P4410-V2–1.34H) has an action 'X_GetAccess' which leaks the credentials of 'admin', provided that the attacker is network adjacent.

Reference

https://youtu.be/GOMLavacqSI
https://github.com/ideaengine007/RandomStuffs/blob/main/Version_Vulnerable.PNG
https://www.exploit-db.com/exploits/49075
https://medium.com/%40niteshsurana/424f0db73129

CVSS

Base:	3.3
Impact:	2.9
Exploitability:	6.5

Pristup

Vektor	Složenost	Autentikacija
ADJACENT_NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:A/AC:L/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

07-11-2023 - 03:20

Objavljeno

17-11-2020 - 20:15