exploitDog

CVE-2020-21936

Опубликовано: 21 июл. 2021

Источник: nvd

CVSS3: 5.3

CVSS2: 5

EPSS Низкий

Описание

An issue in HNAP1/GetMultipleHNAPs of Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n allows attackers to access the components GetStationSettings, GetWebsiteFilterSettings and GetNetworkSettings without authentication.

Ссылки

https://github.com/cc-crack/router/blob/master/motocx2.md
Exploit
Third Party Advisory
https://l0n0l.xyz/post/motocx2/
Exploit
Third Party Advisory
https://github.com/cc-crack/router/blob/master/motocx2.md
Exploit
Third Party Advisory
https://l0n0l.xyz/post/motocx2/
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:motorola:cx2_firmware:1.0.2:*:*:*:*:*:*:*

cpe:2.3:h:motorola:cx2:-:*:*:*:*:*:*:*

EPSS

Процентиль: 45%

0.00223

Низкий

5.3 Medium

CVSS3

5 Medium

CVSS2

Дефекты

CWE-306

Связанные уязвимости

GHSA-x4m5-7h4q-f244

github

больше 3 лет назад

An issue in HNAP1/GetMultipleHNAPs of Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n allows attackers to access the components GetStationSettings, GetWebsiteFilterSettings and GetNetworkSettings without authentication.

EPSS

Процентиль: 45%

0.00223

Низкий

5.3 Medium

CVSS3

5 Medium

CVSS2

Дефекты

CWE-306